From 90929e6c2eae140ce937a679e88ee1caef0e1f77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= Date: Tue, 2 Jan 2024 10:29:28 +0100 Subject: [PATCH 1/4] Require python3-rpm-generators even when bootstrapping non-main Pythons --- python3.12.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/python3.12.spec b/python3.12.spec index 384f033..2c51485 100644 --- a/python3.12.spec +++ b/python3.12.spec @@ -310,6 +310,9 @@ BuildRequires: %{python_wheel_pkg_prefix}-wheel-wheel # upgrading the main python3 to a new Python version, this would pull in the # old version instead. BuildRequires: python%{pybasever} +%endif + +%if %{without bootstrap} || %{without main_python} # for proper automatic provides BuildRequires: python3-rpm-generators %endif @@ -555,7 +558,8 @@ Recommends: %{pkgname}-pip # tox users are likely to need the devel subpackage Supplements: tox -%if %{without bootstrap} +%if %{without bootstrap} || %{without main_python} +# Generators run on the main Python 3 so we cannot require them when bootstrapping it Requires: (python3-rpm-generators if rpm-build) %endif From c604248608132ce9154b26a56cc4e3bb069a6b85 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Mon, 22 Jan 2024 09:22:06 +0000 Subject: [PATCH 2/4] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- python3.12.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/python3.12.spec b/python3.12.spec index 2c51485..18133c6 100644 --- a/python3.12.spec +++ b/python3.12.spec @@ -17,7 +17,7 @@ URL: https://www.python.org/ #global prerel ... %global upstream_version %{general_version}%{?prerel} Version: %{general_version}%{?prerel:~%{prerel}} -Release: 2%{?dist} +Release: 3%{?dist} License: Python-2.0.1 @@ -1685,6 +1685,9 @@ CheckPython optimized # ====================================================== %changelog +* Mon Jan 22 2024 Fedora Release Engineering - 3.12.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Mon Dec 18 2023 Lumír Balhar - 3.12.1-2 - Security fix for CVE-2023-27043 (rhbz#2196190) From ff956d27be59b626d9e31c8c14ffee15eba53420 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 26 Jan 2024 13:32:50 +0000 Subject: [PATCH 3/4] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- python3.12.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/python3.12.spec b/python3.12.spec index 18133c6..e9909b1 100644 --- a/python3.12.spec +++ b/python3.12.spec @@ -17,7 +17,7 @@ URL: https://www.python.org/ #global prerel ... %global upstream_version %{general_version}%{?prerel} Version: %{general_version}%{?prerel:~%{prerel}} -Release: 3%{?dist} +Release: 4%{?dist} License: Python-2.0.1 @@ -1685,6 +1685,9 @@ CheckPython optimized # ====================================================== %changelog +* Fri Jan 26 2024 Fedora Release Engineering - 3.12.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Mon Jan 22 2024 Fedora Release Engineering - 3.12.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From d3e4f800706a718223b6f77722fa4445bd28404b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= Date: Wed, 7 Feb 2024 14:54:16 +0100 Subject: [PATCH 4/4] Update to 3.12.2 --- 00251-change-user-install-location.patch | 4 +- ...or-the-main-thread-gh-28549-gh-28589.patch | 8 ++-- ...-addresses-in-email-parseaddr-111116.patch | 4 +- ...on-t-generate-sbom-in-make-regen-all.patch | 36 ++++++++++++++++++ python3.12.spec | 38 +++++++++++++------ sources | 4 +- 6 files changed, 72 insertions(+), 22 deletions(-) create mode 100644 00418-don-t-generate-sbom-in-make-regen-all.patch diff --git a/00251-change-user-install-location.patch b/00251-change-user-install-location.patch index 1622e53..dc29bca 100644 --- a/00251-change-user-install-location.patch +++ b/00251-change-user-install-location.patch @@ -30,10 +30,10 @@ Co-authored-by: Lumír Balhar 3 files changed, 71 insertions(+), 4 deletions(-) diff --git a/Lib/site.py b/Lib/site.py -index 672fa7b000..0a9c5be53e 100644 +index 924b2460d9..51b5baca93 100644 --- a/Lib/site.py +++ b/Lib/site.py -@@ -377,8 +377,15 @@ def getsitepackages(prefixes=None): +@@ -387,8 +387,15 @@ def getsitepackages(prefixes=None): return sitepackages def addsitepackages(known_paths, prefixes=None): diff --git a/00371-revert-bpo-1596321-fix-threading-_shutdown-for-the-main-thread-gh-28549-gh-28589.patch b/00371-revert-bpo-1596321-fix-threading-_shutdown-for-the-main-thread-gh-28549-gh-28589.patch index 5603025..7146a82 100644 --- a/00371-revert-bpo-1596321-fix-threading-_shutdown-for-the-main-thread-gh-28549-gh-28589.patch +++ b/00371-revert-bpo-1596321-fix-threading-_shutdown-for-the-main-thread-gh-28549-gh-28589.patch @@ -16,10 +16,10 @@ https://github.com/GrahamDumpleton/mod_wsgi/issues/730 2 files changed, 8 insertions(+), 50 deletions(-) diff --git a/Lib/test/test_threading.py b/Lib/test/test_threading.py -index 756d5e329f..5d09775efc 100644 +index 00d9e591c7..3314319fec 100644 --- a/Lib/test/test_threading.py +++ b/Lib/test/test_threading.py -@@ -1007,39 +1007,6 @@ def noop(): pass +@@ -1089,39 +1089,6 @@ def noop(): pass threading.Thread(target=noop).start() # Thread.join() is not called @@ -60,10 +60,10 @@ index 756d5e329f..5d09775efc 100644 code = """if 1: import atexit diff --git a/Lib/threading.py b/Lib/threading.py -index 8dcaf8ca6a..ed0b0f4632 100644 +index 98cb43c697..ee647f8549 100644 --- a/Lib/threading.py +++ b/Lib/threading.py -@@ -1586,29 +1586,20 @@ def _shutdown(): +@@ -1585,29 +1585,20 @@ def _shutdown(): global _SHUTTING_DOWN _SHUTTING_DOWN = True diff --git a/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch b/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch index e77ddd8..352fef8 100644 --- a/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch +++ b/00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch @@ -72,7 +72,7 @@ index 345b64001c..d693a9bc39 100644 .. function:: parsedate(date) diff --git a/Lib/email/utils.py b/Lib/email/utils.py -index 81da5394ea..43c3627fca 100644 +index aa949aa933..af2fb14754 100644 --- a/Lib/email/utils.py +++ b/Lib/email/utils.py @@ -48,6 +48,7 @@ @@ -81,7 +81,7 @@ index 81da5394ea..43c3627fca 100644 + def _has_surrogates(s): - """Return True if s contains surrogate-escaped binary data.""" + """Return True if s may contain surrogate-escaped binary data.""" # This check is based on the fact that unless there are surrogates, utf8 @@ -106,12 +107,127 @@ def formataddr(pair, charset='utf-8'): return address diff --git a/00418-don-t-generate-sbom-in-make-regen-all.patch b/00418-don-t-generate-sbom-in-make-regen-all.patch new file mode 100644 index 0000000..d41da28 --- /dev/null +++ b/00418-don-t-generate-sbom-in-make-regen-all.patch @@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Karolina Surma +Date: Thu, 8 Feb 2024 15:53:26 +0100 +Subject: [PATCH] 00418: Don't generate sbom in make regen-all +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The script and make target, added in Python 3.12.2, assumes a fixed +location of pip wheel and other bundled libraries, resulting in an +error and failed build when not found. +Reported upstream: https://github.com/python/cpython/issues/114240 +and https://github.com/python/cpython/issues/114244 + +Co-Authored-By: Tomáš Hrnčiar +--- + Makefile.pre.in | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/Makefile.pre.in b/Makefile.pre.in +index dd5e69f7ab..40097647b5 100644 +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -1320,9 +1320,10 @@ regen-limited-abi: all + regen-all: regen-cases regen-opcode regen-opcode-targets regen-typeslots \ + regen-token regen-ast regen-keyword regen-sre regen-frozen \ + regen-pegen-metaparser regen-pegen regen-test-frozenmain \ +- regen-test-levenshtein regen-global-objects regen-sbom ++ regen-test-levenshtein regen-global-objects + @echo +- @echo "Note: make regen-stdlib-module-names and make regen-configure should be run manually" ++ @echo "Note: make regen-stdlib-module-names, make regen-configure and make regen-sbom " ++ @echo "should be run manually" + + ############################################################################ + # Special rules for object files diff --git a/python3.12.spec b/python3.12.spec index e9909b1..37254d2 100644 --- a/python3.12.spec +++ b/python3.12.spec @@ -13,11 +13,11 @@ URL: https://www.python.org/ # WARNING When rebasing to a new Python version, # remember to update the python3-docs package as well -%global general_version %{pybasever}.1 +%global general_version %{pybasever}.2 #global prerel ... %global upstream_version %{general_version}%{?prerel} Version: %{general_version}%{?prerel:~%{prerel}} -Release: 4%{?dist} +Release: 1%{?dist} License: Python-2.0.1 @@ -71,18 +71,18 @@ License: Python-2.0.1 # If the rpmwheels condition is disabled, we use the bundled wheel packages # from Python with the versions below. # This needs to be manually updated when we update Python. -%global pip_version 23.2.1 +%global pip_version 24.0 %global setuptools_version 67.6.1 %global wheel_version 0.40.0 # All of those also include a list of indirect bundled libs: # pip # $ %%{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/ensurepip/_bundled/pip-*.whl pip/_vendor/vendor.txt) %global pip_bundled_provides %{expand: -Provides: bundled(python3dist(cachecontrol)) = 0.12.11 -Provides: bundled(python3dist(certifi)) = 2023.5.7 +Provides: bundled(python3dist(cachecontrol)) = 0.13.1 +Provides: bundled(python3dist(certifi)) = 2023.7.22 Provides: bundled(python3dist(chardet)) = 5.1 Provides: bundled(python3dist(colorama)) = 0.4.6 -Provides: bundled(python3dist(distlib)) = 0.3.6 +Provides: bundled(python3dist(distlib)) = 0.3.8 Provides: bundled(python3dist(distro)) = 1.8 Provides: bundled(python3dist(idna)) = 3.4 Provides: bundled(python3dist(msgpack)) = 1.0.5 @@ -98,8 +98,9 @@ Provides: bundled(python3dist(setuptools)) = 68 Provides: bundled(python3dist(six)) = 1.16 Provides: bundled(python3dist(tenacity)) = 8.2.2 Provides: bundled(python3dist(tomli)) = 2.0.1 +Provides: bundled(python3dist(truststore)) = 0.8 Provides: bundled(python3dist(typing-extensions)) = 4.7.1 -Provides: bundled(python3dist(urllib3)) = 1.26.16 +Provides: bundled(python3dist(urllib3)) = 1.26.17 Provides: bundled(python3dist(webencodings)) = 0.5.1 } # setuptools @@ -121,7 +122,7 @@ Provides: bundled(python3dist(typing-extensions)) = 4.4 Provides: bundled(python3dist(zipp)) = 3.7 } # wheel -# $ %%{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/test/wheel-*.whl wheel/vendored/vendor.txt) +# $ %%{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/test/wheeldata/wheel-*.whl wheel/vendored/vendor.txt) %global wheel_bundled_provides %{expand: Provides: bundled(python3dist(packaging)) = 23 } @@ -367,7 +368,7 @@ Patch251: 00251-change-user-install-location.patch # https://github.com/GrahamDumpleton/mod_wsgi/issues/730 Patch371: 00371-revert-bpo-1596321-fix-threading-_shutdown-for-the-main-thread-gh-28549-gh-28589.patch -# 00415 # 83e0fc3ec7bc38055c536f482578a10f6efcc08c +# 00415 # 5b830b814be638d1a167802780b5f498a4a5e97c # [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (#111116) # # Detect email address parsing errors and return empty tuple to @@ -376,6 +377,16 @@ Patch371: 00371-revert-bpo-1596321-fix-threading-_shutdown-for-the-main-thread-g # Thomas Dwyer. Patch415: 00415-cve-2023-27043-gh-102988-reject-malformed-addresses-in-email-parseaddr-111116.patch +# 00418 # 153905265371131e1227ace0dfef34a5c5efde59 +# Don't generate sbom in make regen-all +# +# The script and make target, added in Python 3.12.2, assumes a fixed +# location of pip wheel and other bundled libraries, resulting in an +# error and failed build when not found. +# Reported upstream: https://github.com/python/cpython/issues/114240 +# and https://github.com/python/cpython/issues/114244 +Patch418: 00418-don-t-generate-sbom-in-make-regen-all.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora, EL, etc., @@ -697,13 +708,13 @@ The debug runtime additionally supports debug builds of C-API extensions # setuptools.whl does not contain the vendored.txt files if [ -f %{_rpmconfigdir}/pythonbundles.py ]; then %{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/ensurepip/_bundled/pip-*.whl pip/_vendor/vendor.txt) --compare-with '%pip_bundled_provides' - %{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/test/wheel-*.whl wheel/vendored/vendor.txt) --compare-with '%wheel_bundled_provides' + %{_rpmconfigdir}/pythonbundles.py <(unzip -p Lib/test/wheeldata/wheel-*.whl wheel/vendored/vendor.txt) --compare-with '%wheel_bundled_provides' fi %if %{with rpmwheels} rm Lib/ensurepip/_bundled/pip-%{pip_version}-py3-none-any.whl -rm Lib/test/setuptools-%{setuptools_version}-py3-none-any.whl -rm Lib/test/wheel-%{wheel_version}-py3-none-any.whl +rm Lib/test/wheeldata/setuptools-%{setuptools_version}-py3-none-any.whl +rm Lib/test/wheeldata/wheel-%{wheel_version}-py3-none-any.whl %endif # Remove all exe files to ensure we are not shipping prebuilt binaries @@ -1685,6 +1696,9 @@ CheckPython optimized # ====================================================== %changelog +* Wed Feb 07 2024 Tomáš Hrnčiar - 3.12.2-1 +- Update to 3.12.2 + * Fri Jan 26 2024 Fedora Release Engineering - 3.12.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild diff --git a/sources b/sources index b9328ce..2c3fe1d 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (Python-3.12.1.tar.xz) = 44cf06b89ade692d87ca3105d8e3de5c7ce3f5fb318690fff513cf56f909ff5e0d0f6a0b22ae270b12e1fe3051b1bde3ec786506ec87c810b1d02e92e45dff07 -SHA512 (Python-3.12.1.tar.xz.asc) = 1c85237b5921fbf940ded4e038d99c8d02682fcb357b5de761eb5bebf94142b308a11654fc6312129663727e2ce1f546fbb5a5a3747d7dc02fc7dced9cb968fd +SHA512 (Python-3.12.2.tar.xz) = 2ccfae7b9f95d8e15ea85d3f66eea5f6a8fdcaffc0b405095fecb33efc0df50b831c1215542910ced948b54e6de1f7242b0b8b9afc5f89079451c552430d7d9f +SHA512 (Python-3.12.2.tar.xz.asc) = fb477acb49864a662b1586db79e80fd8ebab85d4e5e14acd3bfb5afc3dbe8d6b9bf97eb518dfb77662e27040d400f451ed7575fe1264a6cc0d9feb06e4f2dc84