Navigation:
Browse pkgsrc
(this page) 2021-02-16 20:40:34 by Adam Ciarcinski | Files touched by this commit (5) |  |
Log message: python37 py37-html-docs: updated to 3.7.10 Python 3.7.10 Security bpo-42967: Fix web cache poisoning vulnerability by defaulting the query args \ separator to &, and allowing the user to choose a custom separator. bpo-42938: Avoid static buffers when computing the repr of ctypes.c_double and \ ctypes.c_longdouble values. bpo-42103: Prevented potential DoS attack via CPU and RAM exhaustion when \ processing malformed Apple Property List files in binary format. bpo-42051: The plistlib module no longer accepts entity declarations in XML \ plist files to avoid XML vulnerabilities. This should not affect users as entity \ declarations are not used in regular plist files. bpo-40791: Add volatile to the accumulator variable in hmac.compare_digest, \ making constant-time-defeating optimizations less likely. Library bpo-42103: InvalidFileException and RecursionError are now the only errors \ caused by loading malformed binary Plist file (previously ValueError and \ TypeError could be raised in some specific cases). bpo-41976: Fixed a bug that was causing ctypes.util.find_library() to return \ None when triying to locate a library in an environment when gcc>=9 is \ available and ldconfig is not. Patch by Pablo Galindo Documentation bpo-17140: Add documentation for the multiprocessing.pool.ThreadPool class. Tests bpo-42794: Update test_nntplib to use offical group name of news.aioe.org for \ testing. Patch by Dong-hee Na. bpo-41944: Tests for CJK codecs no longer call eval() on content received via HTTP. |
| 2020-12-07 14:14:39 by Nia Alarie | Files touched by this commit (5) |
Log message: python*: Revert shm_open workaround now it's fixed in mksandbox |
| 2020-12-06 12:35:32 by Nia Alarie | Files touched by this commit (5) |
Log message: python*: Disable runtime configure test on sem_getvalue behaviour Like the other test, because /dev/shm isn't available in the build environment doesn't mean it won't be available on the destination machine for the packages. |
| 2020-12-06 12:11:32 by Nia Alarie | Files touched by this commit (5) |
Log message: python*: Avoid configure test for POSIX semaphores on Linux. This attempts to build and run a program that uses POSIX semaphores. This fails in a pbulk sandbox that doesn't contain /dev/shm, resulting in a broken package where the idea that the platform doesn't support POSIX semaphores is baked in forever. In newer Python versions, this means Python doesn't even build properly. XXX: We might want to avoid it on other platforms too... |
| 2020-11-19 17:29:43 by Benny Siegert | Files touched by this commit (7) |
Log message:
python3{7,8,9}: build fix when include files have invalid UTF-8
I happen to have include/gts.h installed, which includes an accented
ISO-8859-1 character in its copyright message. This trips up the configuration
of Python in pkgsrc.
Ignore files with invalid unicode characters.
Also regenerate one other patch. No revision bump since the result is the same.
|
| 2020-11-18 12:03:31 by Sijmen J. Mulder | Files touched by this commit (3) |
Log message: lang/python37: Fix on CentOS 7 Same as lang/python38 fix just now: Move __has_attribute() inside #if defined(__has_attribute) body so the preprocessor doesn't break on that. |
| 2020-11-17 20:33:26 by Sijmen J. Mulder | Files touched by this commit (25) |
Log message: lang/python37: Fix for macOS 11 and Apple Silicon (Apple Silicon being their aarch64 platform.) This is backport of the same in lang/python39 and lang/python38. Some parts weren't applicable in 3.7. The setup.py script needed some work on the ffi code. Otherwise, minor changes. Patches consist of: - Upstream work: https://github.com/python/cpython/pull/22855 - Fix for setup.py to find libbz2.tbd and libz.tbd now that with the shared library cache there's nothing in /usr/lib. See: https://bugs.python.org/issue41116 - Addition of __arch64__ case to fix _decimal module. A very similar fix has since been committed upstream. |
| 2020-09-01 11:26:55 by Amitai Schleier | Files touched by this commit (9) |
Log message: Avoid MemoryError from "import ctypes" on OpenBSD (PR pkg/55134) for all applicable Pythons. Bump PKGREVISION. |
| 2020-08-19 09:08:34 by Adam Ciarcinski | Files touched by this commit (8) | |
Log message: python37 py37-html-docs: updated to 3.7.9 Python 3.7.9 final Security bpo-41304: Fixes python3x._pth being ignored on Windows, caused by the fix for \ bpo-29778 (CVE-2020-15801). bpo-29778: Ensure python3.dll is loaded from correct locations when Python is \ embedded (CVE-2020-15523). bpo-41004: CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and \ ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 \ respectively. This resulted in always causing hash collisions. The fix uses \ hash() to generate hash values for the tuple of (address, mask length, network \ address). bpo-39603: Prevent http header injection by rejecting control characters in \ http.client.putrequest(…). Core and Builtins bpo-33786: Fix asynchronous generators to handle GeneratorExit in athrow() correctly Library bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the C implementation raises \ now UnpicklingError instead of crashing. bpo-39017: Avoid infinite loop when reading specially crafted TAR files using \ the tarfile module (CVE-2019-20907). bpo-41235: Fix the error handling in ssl.SSLContext.load_dh_params(). macOS bpo-41100: Additional fixes for testing on macOS 11 Big Sur Intel. Note: macOS \ 11 is not yet released, this release of Python is not fully supported on 11.0, \ and not all tests pass. |
| 2020-08-15 14:35:58 by Amitai Schleier | Files touched by this commit (8) |
Log message: Note that the need for this patch appears self-induced. |
New packages: