head 1.94; access; symbols pkgsrc-2023Q4:1.94.0.2 pkgsrc-2023Q4-base:1.94 pkgsrc-2023Q3:1.93.0.4 pkgsrc-2023Q3-base:1.93 pkgsrc-2023Q2:1.93.0.2 pkgsrc-2023Q2-base:1.93 pkgsrc-2023Q1:1.92.0.2 pkgsrc-2023Q1-base:1.92 pkgsrc-2022Q4:1.91.0.4 pkgsrc-2022Q4-base:1.91 pkgsrc-2022Q3:1.91.0.2 pkgsrc-2022Q3-base:1.91 pkgsrc-2022Q2:1.90.0.2 pkgsrc-2022Q2-base:1.90 pkgsrc-2022Q1:1.89.0.2 pkgsrc-2022Q1-base:1.89 pkgsrc-2021Q4:1.87.0.2 pkgsrc-2021Q4-base:1.87 pkgsrc-2021Q3:1.82.0.2 pkgsrc-2021Q3-base:1.82 pkgsrc-2021Q2:1.81.0.6 pkgsrc-2021Q2-base:1.81 pkgsrc-2021Q1:1.81.0.4 pkgsrc-2021Q1-base:1.81 pkgsrc-2020Q4:1.81.0.2 pkgsrc-2020Q4-base:1.81 pkgsrc-2020Q3:1.80.0.2 pkgsrc-2020Q3-base:1.80 pkgsrc-2020Q2:1.73.0.2 pkgsrc-2020Q2-base:1.73 pkgsrc-2020Q1:1.72.0.2 pkgsrc-2020Q1-base:1.72 pkgsrc-2019Q4:1.72.0.4 pkgsrc-2019Q4-base:1.72 pkgsrc-2019Q3:1.71.0.6 pkgsrc-2019Q3-base:1.71 pkgsrc-2019Q2:1.71.0.4 pkgsrc-2019Q2-base:1.71 pkgsrc-2019Q1:1.71.0.2 pkgsrc-2019Q1-base:1.71 pkgsrc-2018Q4:1.70.0.6 pkgsrc-2018Q4-base:1.70 pkgsrc-2018Q3:1.70.0.4 pkgsrc-2018Q3-base:1.70 pkgsrc-2018Q2:1.70.0.2 pkgsrc-2018Q2-base:1.70 pkgsrc-2018Q1:1.67.0.4 pkgsrc-2018Q1-base:1.67 pkgsrc-2017Q4:1.67.0.2 pkgsrc-2017Q4-base:1.67 pkgsrc-2017Q3:1.66.0.4 pkgsrc-2017Q3-base:1.66 pkgsrc-2017Q2:1.65.0.2 pkgsrc-2017Q2-base:1.65 pkgsrc-2017Q1:1.64.0.2 pkgsrc-2017Q1-base:1.64 pkgsrc-2016Q4:1.58.0.4 pkgsrc-2016Q4-base:1.58 pkgsrc-2016Q3:1.58.0.2 pkgsrc-2016Q3-base:1.58 pkgsrc-2016Q2:1.54.0.4 pkgsrc-2016Q2-base:1.54 pkgsrc-2016Q1:1.54.0.2 pkgsrc-2016Q1-base:1.54 pkgsrc-2015Q4:1.53.0.2 pkgsrc-2015Q4-base:1.53 pkgsrc-2015Q3:1.51.0.4 pkgsrc-2015Q3-base:1.51 pkgsrc-2015Q2:1.51.0.2 pkgsrc-2015Q2-base:1.51 pkgsrc-2015Q1:1.49.0.2 pkgsrc-2015Q1-base:1.49 pkgsrc-2014Q4:1.48.0.2 pkgsrc-2014Q4-base:1.48 pkgsrc-2014Q3:1.46.0.2 pkgsrc-2014Q3-base:1.46 pkgsrc-2014Q2:1.42.0.2 pkgsrc-2014Q2-base:1.42 pkgsrc-2014Q1:1.35.0.2 pkgsrc-2014Q1-base:1.35 pkgsrc-2013Q4:1.29.0.2 pkgsrc-2013Q4-base:1.29 pkgsrc-2013Q3:1.27.0.2 pkgsrc-2013Q3-base:1.27 pkgsrc-2013Q2:1.24.0.2 pkgsrc-2013Q2-base:1.24 pkgsrc-2013Q1:1.21.0.4 pkgsrc-2013Q1-base:1.21 pkgsrc-2012Q4:1.21.0.2 pkgsrc-2012Q4-base:1.21 pkgsrc-2012Q3:1.19.0.2 pkgsrc-2012Q3-base:1.19 pkgsrc-2012Q2:1.18.0.2 pkgsrc-2012Q2-base:1.18 pkgsrc-2012Q1:1.17.0.2 pkgsrc-2012Q1-base:1.17 pkgsrc-2011Q4:1.14.0.2 pkgsrc-2011Q4-base:1.14 pkgsrc-2011Q3:1.9.0.2 pkgsrc-2011Q3-base:1.9 pkgsrc-2011Q2:1.5.0.2 pkgsrc-2011Q2-base:1.5 pkgsrc-2011Q1:1.3.0.2 pkgsrc-2011Q1-base:1.3 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.94 date 2023.10.23.06.35.59; author wiz; state Exp; branches; next 1.93; commitid i2WIjA0vfzIVsIJE; 1.93 date 2023.05.29.23.33.48; author gutteridge; state Exp; branches; next 1.92; commitid LTC08rImrQ2oPUqE; 1.92 date 2023.01.08.00.54.29; author gutteridge; state Exp; branches; next 1.91; commitid g7cegV86udcbPF8E; 1.91 date 2022.08.11.01.32.50; author gutteridge; state Exp; branches 1.91.4.1; next 1.90; commitid K8Vx6YenHM77SoPD; 1.90 date 2022.05.13.18.42.05; author tnn; state Exp; branches; next 1.89; commitid w6G2VzqPTbausVDD; 1.89 date 2022.02.25.22.41.32; author gutteridge; state Exp; branches; next 1.88; commitid FXDIYdHVh9lvd3uD; 1.88 date 2022.01.12.08.49.01; author wiz; state Exp; branches; next 1.87; commitid 8s1EMKvUbUN84koD; 1.87 date 2021.10.27.23.58.55; author gutteridge; state Exp; branches 1.87.2.1; next 1.86; commitid ahVwVEhgAEcNyveD; 1.86 date 2021.10.26.10.51.51; author nia; state Exp; branches; next 1.85; commitid obtJ15s6fwznfjeD; 1.85 date 2021.10.10.03.00.59; author gutteridge; state Exp; branches; next 1.84; commitid 9ljVlIyHdtvaadcD; 1.84 date 2021.10.07.14.21.10; author nia; state Exp; branches; next 1.83; commitid QJiB3Fx8Lkrv1TbD; 1.83 date 2021.09.28.12.31.25; author jperkin; state Exp; branches; next 1.82; commitid N3FzhsJSUIESHIaD; 1.82 date 2021.06.23.18.30.24; author schmonz; state Exp; branches 1.82.2.1; next 1.81; commitid vM795M1qbflqOhYC; 1.81 date 2020.09.27.14.57.22; author leot; state Exp; branches; next 1.80; commitid wnjpilvN9NldhHpC; 1.80 date 2020.09.20.12.50.26; author mgorny; state Exp; branches; next 1.79; commitid R9qmPRybSFZMNMoC; 1.79 date 2020.09.20.11.06.23; author mgorny; state Exp; branches; next 1.78; commitid f7l0y90RWU5udMoC; 1.78 date 2020.09.01.09.26.54; author schmonz; state Exp; branches; next 1.77; commitid h4hjqzEnvCrRhkmC; 1.77 date 2020.08.22.13.01.42; author schmonz; state Exp; branches; next 1.76; commitid 2NvV9VcPqj3vN3lC; 1.76 date 2020.08.21.19.39.28; author schmonz; state Exp; branches; next 1.75; commitid cy7ugf7cZOxW1YkC; 1.75 date 2020.08.15.12.35.56; author schmonz; state Exp; branches; next 1.74; commitid DptPbjpsh45qS9kC; 1.74 date 2020.08.14.19.28.43; author schmonz; state Exp; branches; next 1.73; commitid RgEZP7yCnoPcc4kC; 1.73 date 2020.04.20.20.05.56; author adam; state Exp; branches; next 1.72; commitid jBnxJVZeYdRY7a5C; 1.72 date 2019.10.21.09.40.35; author adam; state Exp; branches; next 1.71; commitid o10UygnWM9UKuIHB; 1.71 date 2019.03.05.12.43.40; author adam; state Exp; branches; next 1.70; commitid n27qthhBK15rVaeB; 1.70 date 2018.06.17.19.21.21; author adam; state Exp; branches; next 1.69; commitid c6D8IR427LvRuFGA; 1.69 date 2018.06.03.07.49.27; author leot; state Exp; branches; next 1.68; commitid mJwxJfxgatfX7OEA; 1.68 date 2018.05.19.06.54.55; author spz; state Exp; branches; next 1.67; commitid QpI1zmOPZBhrjSCA; 1.67 date 2017.11.01.21.51.21; author wiz; state Exp; branches 1.67.4.1; next 1.66; commitid 5mjaYAdpZ1VHFndA; 1.66 date 2017.09.17.09.54.52; author adam; state Exp; branches; next 1.65; commitid zpsGfyT0nKwo9x7A; 1.65 date 2017.05.22.16.45.19; author jperkin; state Exp; branches; next 1.64; commitid WDQpJderKm3HdpSz; 1.64 date 2017.01.26.23.10.35; author wiz; state Exp; branches; next 1.63; commitid 08sOfjXdqIHN4xDz; 1.63 date 2017.01.08.19.49.15; author wiz; state Exp; branches; next 1.62; commitid HVcwTbYzzHYUxcBz; 1.62 date 2017.01.05.23.16.42; author roy; state Exp; branches; next 1.61; commitid OPZFTqUHbNLOMPAz; 1.61 date 2017.01.04.14.14.28; author roy; state Exp; branches; next 1.60; commitid PFA04l7tiFLTOEAz; 1.60 date 2017.01.02.20.52.46; author roy; state Exp; branches; next 1.59; commitid KvTLnOZYd3XC5rAz; 1.59 date 2016.12.30.10.53.21; author adam; state Exp; branches; next 1.58; commitid ARdKnhAxVSLsRZzz; 1.58 date 2016.07.26.16.44.28; author kamil; state Exp; branches; next 1.57; commitid Cu98sB6S3IyqQQfz; 1.57 date 2016.07.23.18.28.26; author kamil; state Exp; branches; next 1.56; commitid 3BxSSID9Imk4ttfz; 1.56 date 2016.07.11.12.17.13; author ryoon; state Exp; branches; next 1.55; commitid pvcakEwVN0ajRTdz; 1.55 date 2016.07.02.15.05.43; author adam; state Exp; branches; next 1.54; commitid RKWCvDKWW1O05Lcz; 1.54 date 2016.02.06.11.25.09; author tron; state Exp; branches 1.54.4.1; next 1.53; commitid ivIjTpHlHGJBzQTy; 1.53 date 2015.12.06.18.22.35; author adam; state Exp; branches; next 1.52; commitid nULYZkdXt2b2TULy; 1.52 date 2015.11.03.22.50.42; author agc; state Exp; branches; next 1.51; commitid QD13DbDX9SeFqHHy; 1.51 date 2015.05.24.07.44.07; author adam; state Exp; branches; next 1.50; commitid mRNtY3R6noaLEFmy; 1.50 date 2015.04.24.03.01.35; author rodent; state Exp; branches; next 1.49; commitid hlCMiNUxctrw3Niy; 1.49 date 2015.03.03.17.19.58; author snj; state Exp; branches; next 1.48; commitid jWe8y4sdjSpKtbcy; 1.48 date 2014.12.16.07.07.32; author chopps; state Exp; branches; next 1.47; commitid UUr9JCTnSVDvye2y; 1.47 date 2014.11.02.13.31.11; author spz; state Exp; branches; next 1.46; commitid ZeaVgDKL2bA36CWx; 1.46 date 2014.07.26.06.19.38; author adam; state Exp; branches 1.46.2.1; next 1.45; commitid g0nXWMqSV70OTQJx; 1.45 date 2014.07.17.15.26.49; author ryoon; state Exp; branches; next 1.44; commitid jE5hoxvW76TndKIx; 1.44 date 2014.07.02.09.53.16; author adam; state Exp; branches; next 1.43; commitid rDLPjfFkPwcRQMGx; 1.43 date 2014.07.02.08.22.02; author he; state Exp; branches; next 1.42; commitid SP12GZncEpzqlMGx; 1.42 date 2014.06.11.05.55.58; author richard; state Exp; branches 1.42.2.1; next 1.41; commitid yqZqiBV9tlHmd4Ex; 1.41 date 2014.06.09.17.58.31; author he; state Exp; branches; next 1.40; commitid qJc0o95gnOEkgSDx; 1.40 date 2014.06.02.06.12.03; author adam; state Exp; branches; next 1.39; commitid ZDyIgtQV3kLBAUCx; 1.39 date 2014.05.21.00.31.07; author obache; state Exp; branches; next 1.38; commitid KvXZpRnDt6Wa5lBx; 1.38 date 2014.05.20.16.48.00; author adam; state Exp; branches; next 1.37; commitid oqHdorrpYbaUwiBx; 1.37 date 2014.05.10.08.38.04; author obache; state Exp; branches; next 1.36; commitid xx8o4sFF7rDK8Yzx; 1.36 date 2014.04.13.15.06.20; author bsiegert; state Exp; branches; next 1.35; commitid M9BQivNp7TCA9xwx; 1.35 date 2014.03.27.06.26.24; author obache; state Exp; branches 1.35.2.1; next 1.34; commitid P1qTIfZW8rCPOiux; 1.34 date 2014.03.27.05.36.37; author obache; state Exp; branches; next 1.33; commitid 8WAoqm4NxWU5yiux; 1.33 date 2014.03.27.05.22.33; author obache; state Exp; branches; next 1.32; commitid GznUCl6GmlXhtiux; 1.32 date 2014.03.15.05.38.14; author dholland; state Exp; branches; next 1.31; commitid eCVYbM99RyVBWKsx; 1.31 date 2014.03.12.12.40.57; author obache; state Exp; branches; next 1.30; commitid MhwQrdUYCxYulpsx; 1.30 date 2014.02.09.09.02.50; author tron; state Exp; branches; next 1.29; commitid lG2WyShaRDBBapox; 1.29 date 2013.12.14.18.59.55; author bsiegert; state Exp; branches 1.29.2.1; next 1.28; commitid uUYb9LUSo9HJi8hx; 1.28 date 2013.11.12.18.57.25; author adam; state Exp; branches; next 1.27; commitid Z1Oi774I0PhUj1dx; 1.27 date 2013.09.13.13.18.20; author adam; state Exp; branches; next 1.26; commitid FMf3wjD0DbCcnh5x; 1.26 date 2013.09.10.14.22.30; author joerg; state Exp; branches; next 1.25; commitid dWwreYkb0q50PT4x; 1.25 date 2013.08.18.13.42.14; author spz; state Exp; branches; next 1.24; commitid f7DVj3zFh0R4lW1x; 1.24 date 2013.05.27.16.24.00; author adam; state Exp; branches 1.24.2.1; next 1.23; commitid 7HLBmexiZ76RThRw; 1.23 date 2013.04.17.13.21.05; author obache; state Exp; branches; next 1.22; 1.22 date 2013.04.12.09.03.41; author adam; state Exp; branches; next 1.21; 1.21 date 2012.12.21.20.26.42; author dholland; state Exp; branches; next 1.20; 1.20 date 2012.12.16.23.22.28; author dholland; state Exp; branches; next 1.19; 1.19 date 2012.08.14.18.19.01; author drochner; state Exp; branches; next 1.18; 1.18 date 2012.04.13.18.47.27; author adam; state Exp; branches; next 1.17; 1.17 date 2012.03.27.10.49.22; author obache; state Exp; branches; next 1.16; 1.16 date 2012.03.24.12.04.36; author tron; state Exp; branches; next 1.15; 1.15 date 2012.02.15.16.08.26; author drochner; state Exp; branches; next 1.14; 1.14 date 2011.12.16.17.04.18; author hans; state Exp; branches 1.14.2.1; next 1.13; 1.13 date 2011.11.08.07.30.08; author sbd; state Exp; branches; next 1.12; 1.12 date 2011.10.31.06.49.58; author sbd; state Exp; branches; next 1.11; 1.11 date 2011.10.31.04.17.24; author sbd; state Exp; branches; next 1.10; 1.10 date 2011.10.18.21.59.18; author sbd; state Exp; branches; next 1.9; 1.9 date 2011.09.30.08.37.24; author yyamano; state Exp; branches 1.9.2.1; next 1.8; 1.8 date 2011.09.16.19.17.52; author bsiegert; state Exp; branches; next 1.7; 1.7 date 2011.09.16.08.50.44; author adam; state Exp; branches; next 1.6; 1.6 date 2011.09.14.06.59.54; author adam; state Exp; branches; next 1.5; 1.5 date 2011.06.13.11.31.13; author obache; state Exp; branches; next 1.4; 1.4 date 2011.05.06.16.27.04; author abs; state Exp; branches; next 1.3; 1.3 date 2011.03.28.16.00.07; author drochner; state Exp; branches; next 1.2; 1.2 date 2011.02.22.10.50.37; author adam; state Exp; branches; next 1.1; 1.1 date 2011.02.22.08.52.01; author obache; state Exp; branches 1.1.1.1; next ; 1.91.4.1 date 2023.01.13.19.54.39; author bsiegert; state Exp; branches; next ; commitid uSrvgKzEKfGmZp9E; 1.87.2.1 date 2022.03.03.19.33.58; author bsiegert; state Exp; branches; next ; commitid efuiTAYA57P12OuD; 1.82.2.1 date 2021.10.13.21.04.00; author tm; state Exp; branches; next 1.82.2.2; commitid mvFnfUhuwmaU3HcD; 1.82.2.2 date 2021.11.02.18.42.01; author tm; state Exp; branches; next ; commitid RkFeijuq0pzlDffD; 1.67.4.1 date 2018.05.24.15.50.09; author bsiegert; state Exp; branches; next 1.67.4.2; commitid qPJsthMj8q9s7zDA; 1.67.4.2 date 2018.06.08.10.07.08; author bsiegert; state Exp; branches; next ; commitid ttSz0GS2k9eTJsFA; 1.54.4.1 date 2016.09.06.19.04.27; author bsiegert; state Exp; branches; next ; commitid eiy4uqGG1mmFhglz; 1.46.2.1 date 2014.11.03.14.12.52; author tron; state Exp; branches; next ; commitid 2gJxRH5gyrsRiKWx; 1.42.2.1 date 2014.07.05.11.13.52; author tron; state Exp; branches; next ; commitid fztB3BCEpwVAcbHx; 1.35.2.1 date 2014.04.14.11.38.44; author tron; state Exp; branches; next ; commitid 9MT1X82YNWeyYDwx; 1.29.2.1 date 2014.02.10.18.13.44; author spz; state Exp; branches; next ; commitid j9EMSNRtZCEBbAox; 1.24.2.1 date 2013.08.21.11.47.14; author tron; state Exp; branches; next ; commitid TLYOaND6q9rMBj2x; 1.14.2.1 date 2012.02.18.23.35.28; author tron; state Exp; branches; next ; 1.9.2.1 date 2011.10.20.03.59.44; author tron; state Exp; branches; next ; 1.1.1.1 date 2011.02.22.08.52.01; author obache; state Exp; branches; next ; desc @@ 1.94 log @python*: include some standard modules in the base Python package As proposed on tech-pkg Bump PKGREVISION. @ text @$NetBSD: distinfo,v 1.93 2023/05/29 23:33:48 gutteridge Exp $ BLAKE2s (Python-2.7.18.tar.xz) = 1b673ec8c9362a178e044691392bc4f67ad13457d7fddd84a88de346f23f9812 SHA512 (Python-2.7.18.tar.xz) = a7bb62b51f48ff0b6df0b18f5b0312a523e3110f49c3237936bfe56ed0e26838c0274ff5401bda6fc21bf24337477ccac49e8026c5d651e4b4cafb5eb5086f6c Size (Python-2.7.18.tar.xz) = 12854736 bytes SHA1 (patch-Doc_library_cgi.rst) = ed9ac101b0857dc573e9a648694d1ee5fabe61fb SHA1 (patch-Doc_library_mailcap.rst) = 020cf493c4e83bc9f21040f90ccb99a2d9aeef24 SHA1 (patch-Doc_library_urlparse.rst) = ceaea3a4577ba7d3055ffb3b3c8ffbbdda7e1d32 SHA1 (patch-Include_pyerrors.h) = 0d2cd52d18cc719b895fa32ed7e11c6cb15bae54 SHA1 (patch-Include_pyport.h) = f3e4ddbc954425a65301465410911222ca471320 SHA1 (patch-Lib___osx__support.py) = 4389472565616b3875c699f6e3e74850d5fde712 SHA1 (patch-Lib_cgi.py) = 9653904acfd2dbe03655a7cfa5688c450556671b SHA1 (patch-Lib_ctypes_____init____.py) = 31dd0546bbe29ad1b1d481edc525ba43479c06da SHA1 (patch-Lib_ctypes_macholib_dyld.py) = 9b7e972d4c71311742ca8b3501382182a4c9e2fe SHA1 (patch-Lib_ctypes_test_test__macholib.py) = 4479d315cd037f4c9138e8f5baa8eb1685932baa SHA1 (patch-Lib_ctypes_test_test__parameters.py) = 8f8bb50515bc7e89ab59363b10af4d5391957eb7 SHA1 (patch-Lib_ctypes_util.py) = 6fa516c7b43f08992427a0afcbe80c17bcc070f1 SHA1 (patch-Lib_distutils_command_build__ext.py) = ea4feba4e93dbcff07050c82a00d591bb650e934 SHA1 (patch-Lib_distutils_command_install__egg__info.py) = ec7f9e0cd04489b1f6497c44d75bff6864ad1047 SHA1 (patch-Lib_distutils_tests_test__build__ext.py) = 6b3c8c8d1d351836b239c049d34d132953bd4786 SHA1 (patch-Lib_distutils_unixccompiler.py) = 4e2425ae15d9f0383f83779e77d8b6ebce374967 SHA1 (patch-Lib_distutils_util.py) = 5bcfad96f8e490351160f1a7c1f4ece7706a33fa SHA1 (patch-Lib_encodings_idna.py) = 47436d4c45599556f4861d062ce398702fc63325 SHA1 (patch-Lib_ftplib.py) = 6679c4ea109dcb5d56d86a55343954e0368b9138 SHA1 (patch-Lib_httplib.py) = b8eeaa203e2a86ece94148d192b2a7e0c078602a SHA1 (patch-Lib_lib2to3_pgen2_driver.py) = 5d6dab14197f27363394ff1aeee22a8ced8026d2 SHA1 (patch-Lib_mailcap.py) = 9ed762022c0f08cefa6b87f975d0e5333fe2a5eb SHA1 (patch-Lib_multiprocessing_process.py) = 15699bd8ec822bf54a0631102e00e0a34f882803 SHA1 (patch-Lib_plistlib.py) = 96ae702995d434e2d7ec0ac62e37427a90b61d13 SHA1 (patch-Lib_sysconfig.py) = 8a7a0e5cbfec279a05945dffafea1b1131a76f0e SHA1 (patch-Lib_tarfile.py) = df00aa1941367c42dcbbed4b6658b724a22ddcde SHA1 (patch-Lib_test_mailcap.txt) = 80923517cb616f7de97df11ee8632465cce8d10c SHA1 (patch-Lib_test_multibytecodec__support.py) = a18c40e8009f1a8f63e15196d3e751d7dccf8367 SHA1 (patch-Lib_test_test__cgi.py) = 724355e8d2195f8a4b76d7ea61133e9b14fa3a68 SHA1 (patch-Lib_test_test__codecs.py) = 825b5e5d57ffcb97542fc6eef149ac74c950f711 SHA1 (patch-Lib_test_test__ftplib.py) = 4b22c8a963ccf6f60ca49be003bf026e1b0b632d SHA1 (patch-Lib_test_test__httplib.py) = f7cfa5501a63eaca539bfa53d38cf931f3a6c3ac SHA1 (patch-Lib_test_test__mailcap.py) = 6b869c9e9d9ef097d6fc4aef967e7b7bca3bd41c SHA1 (patch-Lib_test_test__platform.py) = 3a3b8c05f9bf9adf4862b1022ce864127d36b8b0 SHA1 (patch-Lib_test_test__unicode.py) = 1bd182bdbd880d0a847f9d8b69277a607f9f0526 SHA1 (patch-Lib_test_test__urllib2.py) = 89baa57daf2f3282e4fc5009915dbc4910b96ef1 SHA1 (patch-Lib_test_test__urlparse.py) = d656a6b3fd672633182a2cfd32b2495eac382f3c SHA1 (patch-Lib_urllib2.py) = 0cc0dc811bb9544496962e08b040b5c96fb9073c SHA1 (patch-Lib_urlparse.py) = 09c355c7df32a0f705f246aa81538ab7770c55e2 SHA1 (patch-Mac_Tools_pythonw.c) = 2b9a60d4b349c240471fd305be69c28e0f654cdc SHA1 (patch-Makefile.pre.in) = ceaf34237588b527478ce1f9163c9168382fa201 SHA1 (patch-Modules___ctypes_callbacks.c) = 8c335edfc9d2ef47988c5bdf1c3dd8473757637b SHA1 (patch-Modules___ctypes_callproc.c) = 7b669f9c081bbc2b7fce2c827703f52b7389d592 SHA1 (patch-Modules___ctypes_ctypes.h) = 07e9d5ecf8309a3ca4bf8382411d56dda08d7b27 SHA1 (patch-Modules___ctypes_malloc__closure.c) = 25d470cc66d218446227c7c1bd7ade409c53b8d0 SHA1 (patch-Modules___multiprocessing_multiprocessing.h) = 7ca8fe22ba4bdcde6d39dd50fe2e86c25994c146 SHA1 (patch-Modules___multiprocessing_semaphore.c) = 03b9c33ef38da383d5f7c2c84c17fe38cdd2911e SHA1 (patch-Modules__ssl.c) = 6e68f88ad205106691900f091a897ffe0a4c363c SHA1 (patch-Modules_getaddrinfo.c) = aa699d257f1bc98b9a3183a21324053e134409d1 SHA1 (patch-Modules_getpath.c) = 4e6445be9da49626800c03eaaab28fb3826be9f9 SHA1 (patch-Modules_makesetup) = 9aad78714c4fe1a21cf66a6627d97d164ecea196 SHA1 (patch-Modules_nismodule.c) = 129ef7b32779944c2f1827c6b078a3aafab60729 SHA1 (patch-Modules_posixmodule.c) = 5105d380cd49bf49b8adbd9aa5ffb245195728ed SHA1 (patch-Modules_selectmodule.c) = 01e113b0bd251978b555caaaa60b79c372edebce SHA1 (patch-Modules_socketmodule.c) = 16848d90947b3de1f921a0813fa5c317f76961d4 SHA1 (patch-Modules_sunaudiodev.c) = d836d77854a2b3d79fa34a06a8e2493bf0a503e6 SHA1 (patch-Python_thread__pthread.h) = 517cfefc2f2e13631d22bad28c327513cdf17c10 SHA1 (patch-configure) = a8bcacd360ca3a451c43a05a4be3bcea56f70617 SHA1 (patch-pyconfig.h.in) = 66d1a685e17ef7977bf09cdc64bdf80087216bc7 SHA1 (patch-setup.py) = 9a4007fd03be0020d7997807c7fef0c2bd21fdfd @ 1.93 log @python27: add backported security fix for CVE-2023-24329 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.92 2023/01/08 00:54:29 gutteridge Exp $ d65 1 a65 1 SHA1 (patch-setup.py) = 4ab14fc01a1622b7a35bfb45b93a12d16dfc8b82 @ 1.92 log @python27: add backported security fix for CVE-2022-45061 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.91 2022/08/11 01:32:50 gutteridge Exp $ d42 1 a42 1 SHA1 (patch-Lib_test_test__urlparse.py) = d98df667a34eebb994fe1d54a1decb8359df897e d44 1 a44 1 SHA1 (patch-Lib_urlparse.py) = 1f102bb85acd99a8be976f9d5b0fdb1a7abf5725 @ 1.91 log @python27: add backported security patching Fix CVE-2015-20107: Make mailcap refuse to match unsafe filenames/types/params Via Fedora: https://src.fedoraproject.org/rpms/python2.7/raw/a9b12e85bd4d3280e07bc3bfa72a9f2b674cb4ff/f/00382-cve-2015-20107.patch @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.90 2022/05/13 18:42:05 tnn Exp $ d23 1 d35 1 @ 1.91.4.1 log @Pullup ticket #6720 - requested by gutteridge lang/python27: security fix Revisions pulled up: - lang/python27/Makefile 1.105 - lang/python27/distinfo 1.92 - lang/python27/patches/patch-Lib_encodings_idna.py 1.1 - lang/python27/patches/patch-Lib_test_test__codecs.py 1.1 --- Module Name: pkgsrc Committed By: gutteridge Date: Sun Jan 8 00:54:30 UTC 2023 Modified Files: pkgsrc/lang/python27: Makefile distinfo Added Files: pkgsrc/lang/python27/patches: patch-Lib_encodings_idna.py patch-Lib_test_test__codecs.py Log Message: python27: add backported security fix for CVE-2022-45061 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.91 2022/08/11 01:32:50 gutteridge Exp $ a22 1 SHA1 (patch-Lib_encodings_idna.py) = 47436d4c45599556f4861d062ce398702fc63325 a33 1 SHA1 (patch-Lib_test_test__codecs.py) = 825b5e5d57ffcb97542fc6eef149ac74c950f711 @ 1.90 log @python27: patch unixccompiler.py instead and use SUBST for OSX_SDK_PATH (-isysroot probably not wrapper safe) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.89 2022/02/25 22:41:32 gutteridge Exp $ d7 1 d26 1 d31 1 d36 1 @ 1.89 log @python27: fix two security issues Addresses CVE-2021-4189 and CVE-2022-0391. Patches sourced via Fedora. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.88 2022/01/12 08:49:01 wiz Exp $ d20 1 a20 1 SHA1 (patch-Lib_distutils_unixccompiler.py) = db16c9aca2f29730945f28247b88b18828739bbb @ 1.88 log @python*: remove no-egg support This was added in the pkgsrc stone age when pkgsrc had no egg support, and then carried forward up to python 3.10. This ends now. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.87 2021/10/27 23:58:55 gutteridge Exp $ d7 1 a7 1 SHA1 (patch-Doc_library_urlparse.rst) = f9714b945a2bacb4ec5360c151a42192e00f08ad d22 1 d31 1 d36 1 a36 1 SHA1 (patch-Lib_test_test__urlparse.py) = 257cb3bf7a0e9b5e0dcb204f675959b10953ba7b d38 1 a38 1 SHA1 (patch-Lib_urlparse.py) = 69db5325a19474113e72c1feeb895a25534412c4 @ 1.87 log @python27: fix definition of variable added in security patch Correct a merge botch introduced in a previous commit. It was intended that a variable be redefined, but it was committed in an incomplete testing state. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.86 2021/10/26 10:51:51 nia Exp $ a17 1 SHA1 (patch-Lib_distutils_command_install.py) = e6aef090b444b455fe351308d251e670329b7dc3 @ 1.87.2.1 log @Pullup ticket #6595 - requested by gutteridge lang/python27: security fix (CVE-2021-4189, CVE-2022-0391) Revisions pulled up: - lang/python27/Makefile 1.99 - lang/python27/distinfo 1.89 - lang/python27/patches/patch-Doc_library_urlparse.rst 1.2 - lang/python27/patches/patch-Lib_ftplib.py 1.1 - lang/python27/patches/patch-Lib_test_test__ftplib.py 1.1 - lang/python27/patches/patch-Lib_test_test__urlparse.py 1.2 - lang/python27/patches/patch-Lib_urlparse.py 1.3 --- Module Name: pkgsrc Committed By: gutteridge Date: Fri Feb 25 22:41:32 UTC 2022 Modified Files: pkgsrc/lang/python27: Makefile distinfo pkgsrc/lang/python27/patches: patch-Doc_library_urlparse.rst patch-Lib_test_test__urlparse.py patch-Lib_urlparse.py Added Files: pkgsrc/lang/python27/patches: patch-Lib_ftplib.py patch-Lib_test_test__ftplib.py Log Message: python27: fix two security issues Addresses CVE-2021-4189 and CVE-2022-0391. Patches sourced via Fedora. @ text @d1 1 a1 1 $NetBSD$ d7 1 a7 1 SHA1 (patch-Doc_library_urlparse.rst) = ceaea3a4577ba7d3055ffb3b3c8ffbbdda7e1d32 a22 1 SHA1 (patch-Lib_ftplib.py) = 6679c4ea109dcb5d56d86a55343954e0368b9138 a30 1 SHA1 (patch-Lib_test_test__ftplib.py) = 4b22c8a963ccf6f60ca49be003bf026e1b0b632d d35 1 a35 1 SHA1 (patch-Lib_test_test__urlparse.py) = d98df667a34eebb994fe1d54a1decb8359df897e d37 1 a37 1 SHA1 (patch-Lib_urlparse.py) = 1f102bb85acd99a8be976f9d5b0fdb1a7abf5725 @ 1.86 log @lang: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes The following distfiles could not be fetched (possibly fetched conditionally?): ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-aarch64-unknown-linux-gnu.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-aarch64-unknown-linux-musl.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-aarch64-unknown-netbsd.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-armv7-unknown-netbsd-eabihf.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-i686-unknown-linux-gnu.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-powerpc-unknown-netbsd90.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-sparc64-unknown-netbsd.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-apple-darwin.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-unknown-freebsd.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-unknown-linux-gnu.tar.gz ./lang/rust-bin/distinfo rust-bin-1.54.0/rust-1.54.0-x86_64-unknown-linux-musl.tar.gz ./lang/smlnj/distinfo smlnj-110.73/boot.ppc-unix.tgz ./lang/smlnj/distinfo smlnj-110.73/boot.sparc-unix.tgz ./lang/oracle-jre8/distinfo jce_policy-8.zip ./lang/oracle-jre8/distinfo jre-8u202-linux-i586.tar.gz ./lang/oracle-jre8/distinfo jre-8u202-linux-x64.tar.gz ./lang/oracle-jre8/distinfo jre-8u202-macosx-x64.tar.gz ./lang/oracle-jre8/distinfo jre-8u202-solaris-x64.tar.gz ./lang/oracle-jdk8/distinfo jdk-8u202-linux-i586.tar.gz ./lang/oracle-jdk8/distinfo jdk-8u202-linux-x64.tar.gz ./lang/oracle-jdk8/distinfo jdk-8u202-solaris-x64.tar.gz ./lang/ghc80/distinfo ghc-7.10.3-boot-x86_64-unknown-solaris2.tar.xz ./lang/ghc80/distinfo ghc-8.0.2-boot-i386-unknown-freebsd.tar.xz ./lang/ghc80/distinfo ghc-8.0.2-boot-x86_64-unknown-freebsd.tar.xz ./lang/gcc5-aux/distinfo ada-bootstrap.i386.freebsd.100B.tar.bz2 ./lang/gcc5-aux/distinfo ada-bootstrap.i386.freebsd.84.tar.bz2 ./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.dragonfly.41.tar.bz2 ./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.freebsd.100B.tar.bz2 ./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.freebsd.84.tar.bz2 ./lang/gcc5-aux/distinfo ada-bootstrap.x86_64.solaris.511.tar.bz2 ./lang/rust/distinfo rust-1.53.0-aarch64-apple-darwin.tar.gz ./lang/rust/distinfo rust-1.53.0-aarch64-unknown-linux-gnu.tar.gz ./lang/rust/distinfo rust-1.53.0-aarch64-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-1.53.0-aarch64_be-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-1.53.0-arm-unknown-linux-gnueabihf.tar.gz ./lang/rust/distinfo rust-1.53.0-armv7-unknown-linux-gnueabihf.tar.gz ./lang/rust/distinfo rust-1.53.0-i686-unknown-linux-gnu.tar.gz ./lang/rust/distinfo rust-1.53.0-powerpc-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-1.53.0-powerpc-unknown-netbsd90.tar.gz ./lang/rust/distinfo rust-1.53.0-sparc64-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-1.53.0-x86_64-apple-darwin.tar.gz ./lang/rust/distinfo rust-1.53.0-x86_64-unknown-freebsd.tar.gz ./lang/rust/distinfo rust-1.53.0-x86_64-unknown-illumos.tar.gz ./lang/rust/distinfo rust-1.53.0-x86_64-unknown-linux-gnu.tar.gz ./lang/rust/distinfo rust-std-1.53.0-aarch64-apple-darwin.tar.gz ./lang/rust/distinfo rust-std-1.53.0-aarch64-unknown-linux-gnu.tar.gz ./lang/rust/distinfo rust-std-1.53.0-aarch64-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-std-1.53.0-aarch64_be-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-std-1.53.0-arm-unknown-linux-gnueabihf.tar.gz ./lang/rust/distinfo rust-std-1.53.0-armv7-unknown-linux-gnueabihf.tar.gz ./lang/rust/distinfo rust-std-1.53.0-i686-unknown-linux-gnu.tar.gz ./lang/rust/distinfo rust-std-1.53.0-powerpc-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-std-1.53.0-powerpc-unknown-netbsd90.tar.gz ./lang/rust/distinfo rust-std-1.53.0-sparc64-unknown-netbsd.tar.gz ./lang/rust/distinfo rust-std-1.53.0-x86_64-apple-darwin.tar.gz ./lang/rust/distinfo rust-std-1.53.0-x86_64-unknown-freebsd.tar.gz ./lang/rust/distinfo rust-std-1.53.0-x86_64-unknown-linux-gnu.tar.gz ./lang/smlnj11072/distinfo smlnj-110.72/boot.ppc-unix.tgz ./lang/smlnj11072/distinfo smlnj-110.72/boot.sparc-unix.tgz ./lang/ghc84/distinfo ghc-8.0.2-boot-x86_64-unknown-solaris2.tar.xz ./lang/ghc84/distinfo ghc-8.4.4-boot-i386-unknown-freebsd.tar.xz ./lang/ghc84/distinfo ghc-8.4.4-boot-x86_64-apple-darwin.tar.xz ./lang/ghc84/distinfo ghc-8.4.4-boot-x86_64-unknown-freebsd.tar.xz ./lang/ghc7/distinfo ghc-7.10.3-boot-i386-unknown-freebsd.tar.xz ./lang/ghc7/distinfo ghc-7.6.3-boot-i386-unknown-solaris2.tar.xz ./lang/ghc7/distinfo ghc-7.6.3-boot-powerpc-apple-darwin.tar.xz ./lang/ghc7/distinfo ghc-7.6.3-boot-x86_64-unknown-solaris2.tar.xz ./lang/ghc90/distinfo ghc-8.10.4-boot-x86_64-unknown-solaris2.tar.xz ./lang/ghc90/distinfo ghc-9.0.1-boot-aarch64-unknown-netbsd.tar.xz ./lang/ghc90/distinfo ghc-9.0.1-boot-i386-unknown-freebsd.tar.xz ./lang/ghc90/distinfo ghc-9.0.1-boot-x86_64-apple-darwin.tar.xz ./lang/ghc90/distinfo ghc-9.0.1-boot-x86_64-unknown-freebsd.tar.xz ./lang/openjdk8/distinfo openjdk7/bootstrap-jdk-1.7.76-freebsd-10-amd64-20150301.tar.xz ./lang/openjdk8/distinfo openjdk7/bootstrap-jdk-1.7.76-netbsd-7-sparc64-20150301.tar.xz ./lang/openjdk8/distinfo openjdk7/bootstrap-jdk-1.8.181-netbsd-8-aarch64-20180917.tar.xz ./lang/openjdk8/distinfo openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.6-amd64-20140719.tar.bz2 ./lang/openjdk8/distinfo openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.8-amd64-20140719.tar.bz2 ./lang/go-bin/distinfo go1.14.2.darwin-amd64.tar.gz ./lang/go-bin/distinfo go1.14.2.linux-386.tar.gz ./lang/go-bin/distinfo go1.14.2.linux-amd64.tar.gz ./lang/go-bin/distinfo go1.14.2.linux-arm64.tar.gz ./lang/go-bin/distinfo go1.14.2.linux-armv6l.tar.gz ./lang/go-bin/distinfo go1.14.2.netbsd-arm64.tar.gz ./lang/go-bin/distinfo go1.16beta1.darwin-arm64.tar.gz ./lang/gcc6-aux/distinfo ada-bootstrap.i386.freebsd.100B.tar.bz2 ./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.dragonfly.41.tar.bz2 ./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.freebsd.100B.tar.bz2 ./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.freebsd.84.tar.bz2 ./lang/gcc6-aux/distinfo ada-bootstrap.x86_64.solaris.511.tar.bz2 ./lang/ghc810/distinfo ghc-8.8.4-boot-x86_64-unknown-solaris2.tar.xz ./lang/sun-jre7/distinfo UnlimitedJCEPolicyJDK7.zip ./lang/sun-jre7/distinfo jre-7u80-linux-x64.tar.gz ./lang/sun-jre7/distinfo jre-7u80-solaris-i586.tar.gz ./lang/sun-jre7/distinfo jre-7u80-solaris-x64.tar.gz ./lang/ghc88/distinfo ghc-8.4.4-boot-i386-unknown-freebsd.tar.xz ./lang/ghc88/distinfo ghc-8.4.4-boot-x86_64-apple-darwin.tar.xz ./lang/ghc88/distinfo ghc-8.4.4-boot-x86_64-unknown-freebsd.tar.xz ./lang/ghc88/distinfo ghc-8.4.4-boot-x86_64-unknown-solaris2.tar.xz ./lang/gcc-aux/distinfo ada-bootstrap.i386.dragonfly.36A.tar.bz2 ./lang/gcc-aux/distinfo ada-bootstrap.i386.freebsd.100B.tar.bz2 ./lang/gcc-aux/distinfo ada-bootstrap.i386.freebsd.84.tar.bz2 ./lang/gcc-aux/distinfo ada-bootstrap.x86_64.dragonfly.36A.tar.bz2 ./lang/gcc-aux/distinfo ada-bootstrap.x86_64.freebsd.100B.tar.bz2 ./lang/gcc-aux/distinfo ada-bootstrap.x86_64.freebsd.84.tar.bz2 ./lang/gcc-aux/distinfo ada-bootstrap.x86_64.solaris.511.tar.bz2 ./lang/gcc6/distinfo ecj-4.5.jar ./lang/openjdk11/distinfo bootstrap-jdk-1.11.0.7.10-netbsd-9-aarch64-20200509.tar.xz ./lang/sun-jdk7/distinfo jdk-7u80-linux-x64.tar.gz ./lang/sun-jdk7/distinfo jdk-7u80-solaris-i586.tar.gz ./lang/sun-jdk7/distinfo jdk-7u80-solaris-x64.tar.gz @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.85 2021/10/10 03:00:59 gutteridge Exp $ d37 1 a37 1 SHA1 (patch-Lib_urlparse.py) = ec45dd48966eb806a5c0e79af6a7369fb45b9859 @ 1.85 log @python27: fix various security issues Addresses CVE-2020-27619, CVE-2021-3177, CVE-2021-3733, CVE-2021-3737 and CVE-2021-23336. Patches mostly sourced via Fedora. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.84 2021/10/07 14:21:10 nia Exp $ d3 1 a3 1 RMD160 (Python-2.7.18.tar.xz) = 40a514bb05c9e631454ea8466e28f5bb229428ad @ 1.84 log @lang: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.83 2021/09/28 12:31:25 jperkin Exp $ d6 2 d11 1 d15 1 d23 1 a23 1 SHA1 (patch-Lib_httplib.py) = 375d80eb79209f53046c62db128d8d3f64d9e765 d29 3 a31 1 SHA1 (patch-Lib_test_test__httplib.py) = 9d37263e36110838e0b5f413ff4747deb3966dfe d35 3 a37 1 SHA1 (patch-Lib_urllib2.py) = 33a85593da702447fa3ea74b4e3d36d0016f70b5 d41 1 a41 1 SHA1 (patch-Modules___ctypes_callproc.c) = adac5eb047eb58c14003ea9237d5d34e8b327b2f @ 1.83 log @python27: Fix build with OpenSSL 3. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.82 2021/06/23 18:30:24 schmonz Exp $ a2 1 SHA1 (Python-2.7.18.tar.xz) = 678d4cf483a1c92efd347ee8e1e79326dc82810b @ 1.82 log @Fix build on darwin20 and macOS arm64, via MacPorts. For other platforms, NFCI. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.81 2020/09/27 14:57:22 leot Exp $ d51 1 a51 1 SHA1 (patch-setup.py) = 19aa0992ea75cd151be7e35f05d9af0a84d07e85 @ 1.82.2.1 log @Pullup ticket #6513 - requested by gutteridge lang/python27: security fix Revisions pulled up: - lang/python27/Makefile 1.94 - lang/python27/distinfo 1.85 - lang/python27/patches/patch-Doc_library_cgi.rst 1.1 - lang/python27/patches/patch-Doc_library_urlparse.rst 1.1 - lang/python27/patches/patch-Lib_cgi.py 1.1 - lang/python27/patches/patch-Lib_ctypes_test_test__parameters.py 1.1 - lang/python27/patches/patch-Lib_httplib.py 1.4 - lang/python27/patches/patch-Lib_test_multibytecodec__support.py 1.1 - lang/python27/patches/patch-Lib_test_test__cgi.py 1.1 - lang/python27/patches/patch-Lib_test_test__httplib.py 1.4 - lang/python27/patches/patch-Lib_test_test__urlparse.py 1.1 - lang/python27/patches/patch-Lib_urllib2.py 1.3 - lang/python27/patches/patch-Lib_urlparse.py 1.1 - lang/python27/patches/patch-Modules___ctypes_callproc.c 1.2 --- Module Name: pkgsrc Committed By: gutteridge Date: Sun Oct 10 03:00:59 UTC 2021 Modified Files: pkgsrc/lang/python27: Makefile distinfo pkgsrc/lang/python27/patches: patch-Lib_httplib.py patch-Lib_test_test__httplib.py patch-Lib_urllib2.py patch-Modules___ctypes_callproc.c Added Files: pkgsrc/lang/python27/patches: patch-Doc_library_cgi.rst patch-Doc_library_urlparse.rst patch-Lib_cgi.py patch-Lib_ctypes_test_test__parameters.py patch-Lib_test_multibytecodec__support.py patch-Lib_test_test__cgi.py patch-Lib_test_test__urlparse.py patch-Lib_urlparse.py Log Message: python27: fix various security issues Addresses CVE-2020-27619, CVE-2021-3177, CVE-2021-3733, CVE-2021-3737 and CVE-2021-23336. Patches mostly sourced via Fedora. @ text @d1 1 a1 1 $NetBSD$ a6 2 SHA1 (patch-Doc_library_cgi.rst) = ed9ac101b0857dc573e9a648694d1ee5fabe61fb SHA1 (patch-Doc_library_urlparse.rst) = f9714b945a2bacb4ec5360c151a42192e00f08ad a9 1 SHA1 (patch-Lib_cgi.py) = 9653904acfd2dbe03655a7cfa5688c450556671b a12 1 SHA1 (patch-Lib_ctypes_test_test__parameters.py) = 8f8bb50515bc7e89ab59363b10af4d5391957eb7 d20 1 a20 1 SHA1 (patch-Lib_httplib.py) = b8eeaa203e2a86ece94148d192b2a7e0c078602a d26 1 a26 3 SHA1 (patch-Lib_test_multibytecodec__support.py) = a18c40e8009f1a8f63e15196d3e751d7dccf8367 SHA1 (patch-Lib_test_test__cgi.py) = 724355e8d2195f8a4b76d7ea61133e9b14fa3a68 SHA1 (patch-Lib_test_test__httplib.py) = f7cfa5501a63eaca539bfa53d38cf931f3a6c3ac d30 1 a30 3 SHA1 (patch-Lib_test_test__urlparse.py) = 257cb3bf7a0e9b5e0dcb204f675959b10953ba7b SHA1 (patch-Lib_urllib2.py) = 0cc0dc811bb9544496962e08b040b5c96fb9073c SHA1 (patch-Lib_urlparse.py) = ec45dd48966eb806a5c0e79af6a7369fb45b9859 d34 1 a34 1 SHA1 (patch-Modules___ctypes_callproc.c) = 7b669f9c081bbc2b7fce2c827703f52b7389d592 @ 1.82.2.2 log @Pullup ticket #6523 - requested by david lang/python27: bugfix Revisions pulled up: - lang/python27/Makefile 1.95 - lang/python27/distinfo 1.87 - lang/python27/patches/patch-Lib_urlparse.py 1.2 --- Module Name: pkgsrc Committed By: gutteridge Date: Wed Oct 27 23:58:55 UTC 2021 Modified Files: pkgsrc/lang/python27: Makefile distinfo pkgsrc/lang/python27/patches: patch-Lib_urlparse.py Log Message: python27: fix definition of variable added in security patch Correct a merge botch introduced in a previous commit. It was intended that a variable be redefined, but it was committed in an incomplete testing state. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.82.2.1 2021/10/13 21:04:00 tm Exp $ d38 1 a38 1 SHA1 (patch-Lib_urlparse.py) = 69db5325a19474113e72c1feeb895a25534412c4 @ 1.81 log @python27: Add reference to CVE-2020-26116 in patches for bpo-39603 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.80 2020/09/20 12:50:26 mgorny Exp $ d9 1 d11 2 d17 1 d27 3 a29 1 SHA1 (patch-Lib_test_test__urllib2.py) = 09013a0b4a3e6064cbfe96572e47464c5d6ef047 d31 1 d33 4 d41 1 a41 1 SHA1 (patch-Modules_getpath.c) = 9bb2c040895ad6bbe4d0b5807803723b5437d47b d49 3 a51 3 SHA1 (patch-configure) = 999700e96dd227cdd16cea3ae1001eb887ab8fee SHA1 (patch-pyconfig.h.in) = a0143ecdc2a3fb10220d0e3ee94fb9779a45e9e1 SHA1 (patch-setup.py) = bf9763d5a3584970474d5951ed1fc73eb03ea11c @ 1.80 log @lang/python27: Fix patch checksums @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.79 2020/09/20 11:06:23 mgorny Exp $ d16 1 a16 1 SHA1 (patch-Lib_httplib.py) = f4c781427342dc65096345da779e4d8c22b83986 d22 1 a22 1 SHA1 (patch-Lib_test_test__httplib.py) = 1103089fe06fc2091be60caa5688cd5acc792ca0 @ 1.79 log @lang/python27: backport vulnerability fixes from Gentoo Backport 3 vulnerability fixes from Python 3.6 using rebased patches from Gentoo. These are: bpo-39017 (CVE-2019-20907): infinite loop in tarfile.py bpo-39503 (CVE-2020-8492): ReDoS on AbstractBasicAuthHandler bpo-39603 (no CVE): header injection via HTTP method @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.78 2020/09/01 09:26:54 schmonz Exp $ d16 1 a16 1 SHA1 (patch-Lib_httplib.py) = 685891e4ea58062036c87e69e8a0911dd377e64f d21 4 a24 4 SHA1 (patch-Lib_tarfile.py) = 105bd378ccd1574ef765cf417269759363148876 SHA1 (patch-Lib_test_test__httplib.py) = 867d48f677fce23b05c512c0839e704d89e70f14 SHA1 (patch-Lib_test_test__urllib2.py) = 651d99068f5d25fa9dc1e9be7e923db64920b378 SHA1 (patch-Lib_urllib2.py) = 8c3b3b1796b57fe544f118313da157d38263b0e5 @ 1.78 log @Avoid MemoryError from "import ctypes" on OpenBSD (PR pkg/55134) for all applicable Pythons. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.77 2020/08/22 13:01:42 schmonz Exp $ d16 1 d21 4 @ 1.77 log @We only know the build version better than python does if we're building 'Python". For all other distributions built with distutils, we sure don't (and, mind you, it's very unlikely to be the exact same version as Python itself). This should fix a whole bunch of py27-* packages broken with the previous commit. Thanks wiz@@ for the heads up. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.76 2020/08/21 19:39:28 schmonz Exp $ d9 1 @ 1.76 log @Pass down PKGVERSION_NOREV in another spot to avoid another PLIST mismatch (for Python-2.7.XX-py2.7.egg-info) on Linux systems with a previous version of this package installed. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.75 2020/08/15 12:35:56 schmonz Exp $ d12 1 a12 1 SHA1 (patch-Lib_distutils_command_install__egg__info.py) = 94716025231f5fb25436a4fa741e802ff284f98d @ 1.75 log @Note that the need for this patch appears self-induced. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.74 2020/08/14 19:28:43 schmonz Exp $ d12 1 @ 1.74 log @On systems where both of the conditions 1. LD_LIBRARY_PATH does _not_ take precedence over DT_RPATH (e.g. Linux) 2. A previous libpython with the same major.minor is already installed (e.g. a previous version of this package) hold, the built python will be linked with the installed libpython, causing it to report an old teeny version in sys.version_info while staging the install. Then "make package" fails with PLIST mismatches for {,Pattern}Grammar.*.pickle. pkgsrc knows which version we're building. Pass that down instead. For platforms that weren't having this problem, no functional change intended. For platforms that were, this simply restores "make package", so no PKGREVISION bump. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.73 2020/04/20 20:05:56 adam Exp $ d14 1 a14 1 SHA1 (patch-Lib_lib2to3_pgen2_driver.py) = abe876142a20e60a3c0a0cf80abeecf54855c07c @ 1.73 log @python27: updated to 2.7.18 Python 2.7.18, the last release of Python 2 The CPython core developers are pleased to announce the immediate availability of Python 2.7.18. Python 2.7.18 is the last Python 2.7 release and therefore the last Python 2 release. It's time for the CPython community to say a fond but firm farewell to Python 2. Download this unique, commemorative Python release on python.org. Python 2.7 has been under active development since the release of Python 2.6, more than 11 years ago. Over all those years, CPython's core developers and contributors sedulously applied bug fixes to the 2.7 branch, no small task as the Python 2 and 3 branches diverged. There were large changes midway through Python 2.7's life such as PEP 466's feature backports to the ssl module and hash randomization. Traditionally, these features would never have been added to a branch in maintenance mode, but exceptions were made to keep Python 2 users secure. Thank you to CPython's community for such dedication. Python 2.7 was lucky to have the services of two generations of binary builders and operating system experts, Martin von Löwis and Steve Dower for Windows, and Ronald Oussoren and Ned Deily for macOS. The reason we provided binary Python 2.7 releases for macOS 10.9, an operating system obsoleted by Apple 4 years ago, or why the "Microsoft Visual C++ Compiler for Python 2.7" exists is the dedication of these individuals. Python 3 would be nowhere without the dedication of the wider community. Library maintainers followed CPython by maintaining Python 2 support for many years but also threw their weight behind the Python 3 statement. Linux distributors chased Python 2 out of their archives. Users migrated hundreds of millions of lines of code, developed porting guides, and kept Python 2 in their brain while Python 3 gained 10 years of improvements. Finally, thank you to GvR for creating Python 0.9, 1, 2, and 3. Long live Python 3+! @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.72 2019/10/21 09:40:35 adam Exp $ d14 1 @ 1.72 log @python27: updated to 2.7.17 2.7.17: Escape the server title of :class:`DocXMLRPCServer.DocXMLRPCServer` when rendering the document page as HTML. Update vendorized expat library version to 2.2.8, which resolves CVE-2019-15903. Updated OpenSSL to 1.0.2s in Windows installer Don't set cookie for a request when the request path is a prefix match of the cookie's path attribute but doesn't end with "/". Don't send cookies of domain A without Domain attribute to domain B when domain A is a suffix match of domain B while using a cookiejar with :class:`cookielib.DefaultCookiePolicy` policy. Fix parsing of invalid email addresses with more than one ``@@`` (e.g. a@@b@@c.com.) to not return the part before 2nd ``@@`` as valid email address. Fixes mishandling of pre-normalization characters in urlsplit(). Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an httplib.InvalidURL exception to be raised. Changes urlsplit() to raise ValueError when the URL contains characters that decompose under IDNA encoding (NFKC-normalization) into characters that affect how the URL is parsed. CVE-2019-9948: Avoid file reading by disallowing ``local-file://`` and ``local_file://`` URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and :meth:`urllib.URLopener.retrieve`. Fix race in PyThread_release_lock that was leading to memory corruption and deadlocks. The fix applies to POSIX systems where Python locks are implemented with mutex and condition variable because POSIX semaphores are either not provided, or are known to be broken. One particular example of such system is macOS. valgrind: suppress a false alarm in memory leak checks. _PyWarnings_Init() only allocates memory once at startup but it is not released at exit. Ignore this issue to be able to catch other bugs more easily. Fix possible overflow in ``wrap_lenfunc()`` when ``sizeof(long) < sizeof(Py_ssize_t)`` (e.g., 64-bit Windows). pymalloc returns memory blocks aligned by 16 bytes, instead of 8 bytes, on 64-bit platforms to conform x86-64 ABI. Recent compilers assume this alignment more often. Fix signed integer overflow in _ctypes.c's ``PyCArrayType_new()``. Fix a possible double ``PyMem_FREE()`` due to tokenizer.c's ``tok_nextc()``. Fix a possible reference leak in :func:`itertools.count`. PyOS_StdioReadline() no longer leaks memory when realloc() fails. Fix an unlikely memory leak on conversion from string to float in the function ``_Py_dg_strtod()`` used by ``float(str)``, ``complex(str)``, :func:`pickle.load`, :func:`marshal.load`, etc. Fix use of uninitialized memory in cPickle when reading a truncated pickle from a file object. Clarified Doc string for builtin filter function. 2nd Argument can be any iterable. Allow the rare code that wants to send invalid http requests from the `http.client` library a way to do so. The fixes for bpo-30458 led to breakage for some projects that were relying on this ability to test their own behavior in the face of bad requests. Fix a memory leak in comparison of :class:`sqlite3.Row` objects. _hashlib no longer calls obsolete OpenSSL initialization function with OpenSSL 1.1.0+. Fixed a crash in the :func:`tee` iterator when re-enter it. RuntimeError is now raised in this case. Fix C compiler warning caused by distutils.ccompiler.CCompiler.has_function. Fix file descriptors transfer in multiprocessing on FreeBSD: use ``CMSG_SPACE()`` rather than ``CMSG_LEN()``; see :rfc:`3542`. Update wheels bundled with ensurepip (pip 19.2.3 and setuptools 41.2.0) Update vendorized expat version to 2.2.7. :func:`urlparse.urlsplit` error message for invalid ``netloc`` according to NFKC normalization is now a :class:`str` string, rather than a :class:`unicode` string, to prevent error when displaying the error. :meth:`msilib.Directory.start_component()` no longer fails if *keyfile* is not ``None``. Rename the :meth:`test_ascii_replace` to :meth:`test_ascii_strict`. Fix :mod:`distutils.sysconfig` if :data:`sys.executable` is ``None`` or an empty string: use :func:`os.getcwd` to initialize ``project_base``. Fix also the distutils build command: don't use :data:`sys.executable` if it is ``None`` or an empty string. Fix buffer overflow in :meth:`~socket.socket.send` and :meth:`~socket.socket.sendall` methods of :func:`socket.socket` for data larger than 2 GiB. Fix a possible reference leak in the json module. Fix a possible reference leak in the io module. Fix two possible reference leaks in the hotshot module. Fix ``CFLAGS`` in ``customize_compiler()`` of ``distutils.sysconfig``: when the ``CFLAGS`` environment variable is defined, don't override ``CFLAGS`` variable with the ``OPT`` variable anymore. Update ensurepip to install pip 19.0.3 and setuptools 40.8.0. Fix linuxaudiodev.linux_audio_device() error handling: close the internal file descriptor if it fails to open the device. Fix memory leak in ctypes POINTER handling of large values. Fix two unlikely reference leaks in _hashopenssl. The leaks only occur in out-of-memory cases. Resolve potential name clash with libm's sinpi(). Fix ``setup.py check --restructuredtext`` for files containing ``include`` directives. Fix PyList_GetItem index description to include 0. Replace the dead link to the Tkinter 8.5 reference by John Shipman, New Mexico Tech, with a link to the archive.org copy. Improve the examples in the "How do I convert a number to string?" question of the "Programming" section of the FAQ. Fix documentation build for sphinx<1.6. Explicitly set master_doc variable in conf.py for compliance with Sphinx 2.0 Add glossary entry for 'magic method'. Fix test_wsgiref.testEnviron() to no longer depend on the environment variables (don't fail if "X" variable is set). Add --cleanup option to python3 -m test to remove ``test_python_*`` directories of previous failed jobs. Add "make cleantest" to run ``python3 -m test --cleanup``. test_gdb no longer fails if it gets an "unexpected" message on stderr: it now ignores stderr. The purpose of test_gdb is to test that python-gdb.py commands work as expected, not to test gdb. Update Lib/test/selfsigned_pythontestdotnet.pem to match self-signed.pythontest.net's new TLS certificate. Skip specific nntplib and ssl networking tests when they would otherwise fail due to a modern OS or distro with a default OpenSSL policy of rejecting connections to servers with weak certificates or disabling TLS below TLSv1.2. Fix reference leak hunting in regrtest: compute also deltas (of reference count and file descriptor count) during warmup, to ensure that everything is initialized before starting to hunt reference leaks. test_posix.PosixUidGidTests: add tests for invalid uid/gid type (str). Add test.support.TEST_HTTP_URL and replace references of http://www.example.com by this new constant. Avoid test_ttk_guionly ComboboxTest failure with macOS Cocoa Tk. Re-enable missing widget testcases in test_ttk_guionly. Fix ``test_default_ecdh_curve`` when TLSv1.3 is enabled by default. In Solaris family, we must be sure to use ``-D_REENTRANT``. Fix detection of the bind_textdomain_codeset function for building gettext support into the locale module. ``make tags`` and ``make TAGS`` now also parse ``Modules/_io/*.c`` and ``Modules/_io/*.h``. Fix SSL module build with OpenSSL 1.1.0 Updates bundled OpenSSL to 1.0.2t Include the ``FORMAT_MESSAGE_IGNORE_INSERTS`` flag in ``FormatMessageW()`` calls. Update Windows builds to use SQLite 3.28.0. Correctly handle string length in ``msilib.SummaryInfo.GetProperty()`` to prevent it from truncating the last character. Updated OpenSSL to 1.0.2t in macOS installer for 2.7.x. When building 2.7 on macOS without system header files installed in ``/usr/include``, a few extension modules dependent on system-supplied third-party libraries were not being built, most notably zlib. Update macOS installer to use SQLite 3.28.0. Updated OpenSSL to 1.0.2s in macOS installer. Support building Python on macOS without /usr/include installed. As of macOS 10.14, system header files are only available within an SDK provided by either the Command Line Tools or the Xcode app. Properly 'attach' search dialogs to their main window so that they behave like other dialogs and do not get hidden behind their main window. When saving a file, call os.fsync() so bits are flushed to e.g. USB drive. 2to3 now works when run from a zipped standard library. Fix the argument handling in Tools/scripts/lll.py. Fix the cast on error in :c:func:`PyLong_AsUnsignedLongLongMask()`. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.71 2019/03/05 12:43:40 adam Exp $ d3 4 a6 4 SHA1 (Python-2.7.17.tar.xz) = dc5784d11d09c29fbf3fc155e2f242b3d3309454 RMD160 (Python-2.7.17.tar.xz) = 55e05d1475d4e27873e71802529499361ba25e14 SHA512 (Python-2.7.17.tar.xz) = 2dc19a0b0d818c71429dae94783e58b2aac0fa31f5faa1e840cac06245a59932ecc4658d913515736601bcf70a78c9ec60367aed75f4567d1e41ff3bb104da9a Size (Python-2.7.17.tar.xz) = 12855568 bytes @ 1.71 log @python27: updated to 2.7.16 Python 2.7.16 is a bugfix release in the Python 2.7 series. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.70 2018/06/17 19:21:21 adam Exp $ d3 4 a6 4 SHA1 (Python-2.7.16.tar.xz) = e9543af127d958b12b0edfb9340d4f0af3d0d90e RMD160 (Python-2.7.16.tar.xz) = 2e4ab325a9c9edf1687b6a5969cdafeb3cc954da SHA512 (Python-2.7.16.tar.xz) = 16e814e8dcffc707b595ca2919bd2fa3db0d15794c63d977364652c4a5b92e90e72b8c9e1cc83b5020398bd90a1b397dbdd7cb931c49f1aa4af6ef95414b43e0 Size (Python-2.7.16.tar.xz) = 12752104 bytes @ 1.70 log @python: pkgsrc changes - Fix buidling curses (consistent across platforms) - Fix finding libraries with ctypes.util.find_library - Enable spwd module on Linux - Cleanup @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.69 2018/06/03 07:49:27 leot Exp $ d3 4 a6 4 SHA1 (Python-2.7.15.tar.xz) = f99348a095ec4a6411c84c0d15343d11920c9724 RMD160 (Python-2.7.15.tar.xz) = 4bbb2b0012b82e1b27661a08305fad461371679f SHA512 (Python-2.7.15.tar.xz) = 27ea43eb45fc68f3d2469d5f07636e10801dee11635a430ec8ec922ed790bb426b072da94df885e4dfa1ea8b7a24f2f56dd92f9b0f51e162330f161216bd6de6 Size (Python-2.7.15.tar.xz) = 12642436 bytes @ 1.69 log @python27: Remove patches/patch-ah (no longer needed) Since Python 2.7.15 patches/patch-ah is no longer needed and badly interfere (e.g. with it `curses.KEY_*' are no longer exposed): - Prototypes of NetBSD curses(3) are as described, no need to patch them - Avoid {lines,columns} -> {nlines,columns} rename, they are properly undef-ed due HAVE_TERM_H. - Use keyname() (it should be present since NetBSD 2.0) Bump PKGREVISION for devel/py-curses so it will be properly rebuild. Fixes PR pkg/53330 reported by . @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.68 2018/05/19 06:54:55 spz Exp $ d9 3 d13 1 d15 2 d23 2 d26 1 d28 3 a30 11 SHA1 (patch-ab) = ea4feba4e93dbcff07050c82a00d591bb650e934 SHA1 (patch-ad) = 96ae702995d434e2d7ec0ac62e37427a90b61d13 SHA1 (patch-ae) = d836d77854a2b3d79fa34a06a8e2493bf0a503e6 SHA1 (patch-al) = 999700e96dd227cdd16cea3ae1001eb887ab8fee SHA1 (patch-am) = 25c29f3799cb02db962d5c42d71ec59b4748466f SHA1 (patch-an) = 9aad78714c4fe1a21cf66a6627d97d164ecea196 SHA1 (patch-ao) = 5bcfad96f8e490351160f1a7c1f4ece7706a33fa SHA1 (patch-av) = e6aef090b444b455fe351308d251e670329b7dc3 SHA1 (patch-aw) = d07129531ec1427669092c504c12247206408c2d SHA1 (patch-ax) = 8a7a0e5cbfec279a05945dffafea1b1131a76f0e SHA1 (patch-az) = 01e113b0bd251978b555caaaa60b79c372edebce d32 1 a32 1 SHA1 (patch-xa) = 517cfefc2f2e13631d22bad28c327513cdf17c10 @ 1.68 log @update python27 by one teeny, fixing 3 vulnerabilities. Upstream changelog, slightly reordered: Security -------- - bpo-31530: Fixed crashes when iterating over a file on multiple threads. This resolves CVE-2018-1000030. - bpo-32997: A regex in fpformat was vulnerable to catastrophic backtracking. This regex was a potential DOS vector (REDOS). Based on typical uses of fpformat the risk seems low. The regex has been refactored and is now safe. Patch by Jamie Davis. - bpo-32981: Regexes in difflib and poplib were vulnerable to catastrophic backtracking. These regexes formed potential DOS vectors (REDOS). They have been refactored. This resolves CVE-2018-1060 and CVE-2018-1061. Patch by Jamie Davis. - bpo-31339: Rewrite time.asctime() and time.ctime(). Backport and adapt the _asctime() function from the master branch to not depend on the implementation of asctime() and ctime() from the external C library. This change fixes a bug when Python is run using the musl C library. - bpo-30730: Prevent environment variables injection in subprocess on Windows. Prevent passing other environment variables and command arguments. - bpo-30694: Upgrade expat copy from 2.2.0 to 2.2.1 to get fixes of multiple security vulnerabilities including: CVE-2017-9233 (External entity infinite loop DoS), CVE-2016-9063 (Integer overflow, re-fix), CVE-2016-0718 (Fix regression bugs from 2.2.0's fix to CVE-2016-0718) and CVE-2012-0876 (Counter hash flooding with SipHash). Note: the CVE-2016-5300 (Use os- specific entropy sources like getrandom) doesn't impact Python, since Python already gets entropy from the OS to set the expat secret using ``XML_SetHashSalt()``. - bpo-30500: Fix urllib.splithost() to correctly parse fragments. For example, ``splithost('//127.0.0.1#@@evil.com/')`` now correctly returns the ``127.0.0.1`` host, instead of treating ``@@evil.com`` as the host in an authentification (``login@@host``). - bpo-29591: Update expat copy from 2.1.1 to 2.2.0 to get fixes of CVE-2016-0718 and CVE-2016-4472. See https://sourceforge.net/p/expat/bugs/537/ for more information. Core and Builtins ----------------- - bpo-33374: Tweak the definition of PyGC_Head, so compilers do not believe it is always 16-byte aligned on x86. This prevents crashes with more aggressive optimizations present in GCC 8. - bpo-33026: Fixed jumping out of "with" block by setting f_lineno. - bpo-17288: Prevent jumps from 'return' and 'exception' trace events. - bpo-18533: ``repr()`` on a dict containing its own ``viewvalues()`` or ``viewitems()`` no longer raises ``RuntimeError``. Instead, use ``...``, as for other recursive structures. Patch by Ben North. - bpo-10544: Yield expressions are now deprecated in comprehensions and generator expressions when checking Python 3 compatibility. They are still permitted in the definition of the outermost iterable, as that is evaluated directly in the enclosing scope. - bpo-32137: The repr of deeply nested dict now raises a RecursionError instead of crashing due to a stack overflow. - bpo-20047: Bytearray methods partition() and rpartition() now accept only bytes-like objects as separator, as documented. In particular they now raise TypeError rather of returning a bogus result when an integer is passed as a separator. - bpo-31733: Add a new PYTHONSHOWREFCOUNT environment variable. In debug mode, Python now only print the total reference count if PYTHONSHOWREFCOUNT is set. - bpo-31692: Add a new PYTHONSHOWALLOCCOUNT environment variable. When Python is compiled with COUNT_ALLOCS, PYTHONSHOWALLOCCOUNT now has to be set to dump allocation counts into stderr on shutdown. Moreover, allocations statistics are now dumped into stderr rather than stdout. - bpo-31478: Prevent unwanted behavior in `_random.Random.seed()` in case the argument has a bad ``__abs__()`` method. Patch by Oren Milman. - bpo-31490: Fix an assertion failure in `ctypes` class definition, in case the class has an attribute whose name is specified in ``_anonymous_`` but not in ``_fields_``. Patch by Oren Milman. - bpo-31411: Raise a TypeError instead of SystemError in case warnings.onceregistry is not a dictionary. Patch by Oren Milman. - bpo-31343: Include sys/sysmacros.h for major(), minor(), and makedev(). GNU C libray plans to remove the functions from sys/types.h. - bpo-31311: Fix a crash in the ``__setstate__()`` method of `ctypes._CData`, in case of a bad ``__dict__``. Patch by Oren Milman. - bpo-31243: Fix a crash in some methods of `io.TextIOWrapper`, when the decoder's state is invalid. Patch by Oren Milman. - bpo-31095: Fix potential crash during GC caused by ``tp_dealloc`` which doesn't call ``PyObject_GC_UnTrack()``. - bpo-30657: Fixed possible integer overflow in PyString_DecodeEscape. Patch by Jay Bosamiya. - bpo-27945: Fixed various segfaults with dict when input collections are mutated during searching, inserting or comparing. Based on patches by Duane Griffin and Tim Mitchell. - bpo-25794: Fixed type.__setattr__() and type.__delattr__() for non- interned or unicode attribute names. Based on patch by Eryk Sun. - bpo-29935: Fixed error messages in the index() method of tuple and list when pass indices of wrong type. - bpo-28598: Support __rmod__ for subclasses of str being called before str.__mod__. Patch by Martijn Pieters. - bpo-29602: Fix incorrect handling of signed zeros in complex constructor for complex subclasses and for inputs having a __complex__ method. Patch by Serhiy Storchaka. - bpo-29347: Fixed possibly dereferencing undefined pointers when creating weakref objects. - bpo-14376: Allow sys.exit to accept longs as well as ints. Patch by Gareth Rees. - bpo-29028: Fixed possible use-after-free bugs in the subscription of the buffer object with custom index object. - bpo-29145: Fix overflow checks in string, bytearray and unicode. Patch by jan matejek and Xiang Zhang. - bpo-28932: Do not include if it does not exist. Library ------- - bpo-33096: Allow ttk.Treeview.insert to insert iid that has a false boolean value. Note iid=0 and iid=False would be same. Patch by Garvit Khatri. - bpo-33127: The ssl module now compiles with LibreSSL 2.7.1. - bpo-30622: The ssl module now detects missing NPN support in LibreSSL. - bpo-21060: Rewrite confusing message from setup.py upload from "No dist file created in earlier command" to the more helpful "Must create and upload files in one command". - bpo-30157: Fixed guessing quote and delimiter in csv.Sniffer.sniff() when only the last field is quoted. Patch by Jake Davis. - bpo-32647: The ctypes module used to depend on indirect linking for dlopen. The shared extension is now explicitly linked against libdl on platforms with dl. - bpo-32304: distutils' upload command no longer corrupts tar files ending with a CR byte, and no longer tries to convert CR to CRLF in any of the upload text fields. - bpo-31848: Fix the error handling in Aifc_read.initfp() when the SSND chunk is not found. Patch by Zackery Spytz. - bpo-32521: The nis module is now compatible with new libnsl and headers location. - bpo-32539: Fix ``OSError`` for ``os.listdir`` with deep paths (starting with ``\\?\``) on windows. Patch by Anthony Sottile. - bpo-32521: glibc has removed Sun RPC. Use replacement libtirpc headers and library in nis module. - bpo-18035: ``telnetlib``: ``select.error`` doesn't have an ``errno`` attribute. Patch by Segev Finer. - bpo-32185: The SSL module no longer sends IP addresses in SNI TLS extension on platforms with OpenSSL 1.0.2+ or inet_pton. - bpo-32186: Creating io.FileIO() and builtin file() objects now release the GIL when checking the file descriptor. io.FileIO.readall(), io.FileIO.read(), and file.read() now release the GIL when getting the file size. Fixed hang of all threads with inaccessible NFS server. Patch by Nir Soffer. - bpo-32110: ``codecs.StreamReader.read(n)`` now returns not more than *n* characters/bytes for non-negative *n*. This makes it compatible with ``read()`` methods of other file-like objects. - bpo-21149: Silence a `'NoneType' object is not callable` in `_removeHandlerRef` error that could happen when a logging Handler is destroyed as part of cyclic garbage collection during process shutdown. - bpo-31764: Prevent a crash in ``sqlite3.Cursor.close()`` in case the ``Cursor`` object is uninitialized. Patch by Oren Milman. - bpo-31955: Fix CCompiler.set_executable() of distutils to handle properly Unicode strings. - bpo-9678: Fixed determining the MAC address in the uuid module: * Using ifconfig on NetBSD and OpenBSD. * Using arp on Linux, FreeBSD, NetBSD and OpenBSD. Based on patch by Takayuki Shimizukawa. - bpo-30057: Fix potential missed signal in signal.signal(). - bpo-31927: Fixed reading arbitrary data when parse a AF_BLUETOOTH address on NetBSD and DragonFly BSD. - bpo-27666: Fixed stack corruption in curses.box() and curses.ungetmouse() when the size of types chtype or mmask_t is less than the size of C long. curses.box() now accepts characters as arguments. Based on patch by Steve Fink. - bpo-25720: Fix the method for checking pad state of curses WINDOW. Patch by Masayuki Yamamoto. - bpo-31893: Fixed the layout of the kqueue_event structure on OpenBSD and NetBSD. Fixed the comparison of the kqueue_event objects. - bpo-31891: Fixed building the curses module on NetBSD. - bpo-30058: Fixed buffer overflow in select.kqueue.control(). - bpo-31770: Prevent a crash when calling the ``__init__()`` method of a ``sqlite3.Cursor`` object more than once. Patch by Oren Milman. - bpo-31728: Prevent crashes in `_elementtree` due to unsafe cleanup of `Element.text` and `Element.tail`. Patch by Oren Milman. - bpo-31752: Fix possible crash in timedelta constructor called with custom integers. - bpo-31681: Fix pkgutil.get_data to avoid leaking open files. - bpo-31675: Fixed memory leaks in Tkinter's methods splitlist() and split() when pass a string larger than 2 GiB. - bpo-30806: Fix the string representation of a netrc object. - bpo-30347: Stop crashes when concurrently iterate over itertools.groupby() iterators. - bpo-25732: `functools.total_ordering()` now implements the `__ne__` method. - bpo-31351: python -m ensurepip now exits with non-zero exit code if pip bootstrapping has failed. - bpo-31544: The C accelerator module of ElementTree ignored exceptions raised when looking up TreeBuilder target methods in XMLParser(). - bpo-31455: The C accelerator module of ElementTree ignored exceptions raised when looking up TreeBuilder target methods in XMLParser(). - bpo-25404: SSLContext.load_dh_params() now supports non-ASCII path. - bpo-28958: ssl.SSLContext() now uses OpenSSL error information when a context cannot be instantiated. - bpo-27448: Work around a `gc.disable()` race condition in the `subprocess` module that could leave garbage collection disabled when multiple threads are spawning subprocesses at once. Users are *strongly encouraged* to use the `subprocess32` module from PyPI on Python 2.7 instead, it is much more reliable. - bpo-31170: expat: Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial characters for UTF-8 input (libexpat bug 115): https://github.com/libexpat/libexpat/issues/115 - bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3. - bpo-31334: Fix ``poll.poll([timeout])`` in the ``select`` module for arbitrary negative timeouts on all OSes where it can only be a non- negative integer or -1. Patch by Riccardo Coccioli. - bpo-10746: Fix ctypes producing wrong PEP 3118 type codes for integer types. - bpo-30102: The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on OpenSSL < 1.1.0. The function detects CPU features and enables optimizations on some CPU architectures such as POWER8. Patch is based on research from Gustavo Serra Scalet. - bpo-30502: Fix handling of long oids in ssl. Based on patch by Christian Heimes. - bpo-25684: Change ``ttk.OptionMenu`` radiobuttons to be unique across instances of ``OptionMenu``. - bpo-29169: Update zlib to 1.2.11. - bpo-30746: Prohibited the '=' character in environment variable names in ``os.putenv()`` and ``os.spawn*()``. - bpo-28994: The traceback no longer displayed for SystemExit raised in a callback registered by atexit. - bpo-30418: On Windows, subprocess.Popen.communicate() now also ignore EINVAL on stdin.write() if the child process is still running but closed the pipe. - bpo-30378: Fix the problem that logging.handlers.SysLogHandler cannot handle IPv6 addresses. - bpo-29960: Preserve generator state when _random.Random.setstate() raises an exception. Patch by Bryan Olson. - bpo-30310: tkFont now supports unicode options (e.g. font family). - bpo-30414: multiprocessing.Queue._feed background running thread do not break from main loop on exception. - bpo-30003: Fix handling escape characters in HZ codec. Based on patch by Ma Lin. - bpo-30375: Warnings emitted when compile a regular expression now always point to the line in the user code. Previously they could point into inners of the re module if emitted from inside of groups or conditionals. - bpo-30363: Running Python with the -3 option now warns about regular expression syntax that is invalid or has different semantic in Python 3 or will change the behavior in future Python versions. - bpo-30365: Running Python with the -3 option now emits deprecation warnings for getchildren() and getiterator() methods of the Element class in the xml.etree.cElementTree module and when pass the html argument to xml.etree.ElementTree.XMLParser(). - bpo-30365: Fixed a deprecation warning about the doctype() method of the xml.etree.ElementTree.XMLParser class. Now it is emitted only when define the doctype() method in the subclass of XMLParser. - bpo-30329: imaplib now catchs the Windows socket WSAEINVAL error (code 10022) on shutdown(SHUT_RDWR): An invalid operation was attempted. This error occurs sometimes on SSL connections. - bpo-30342: Fix sysconfig.is_python_build() if Python is built with Visual Studio 2008 (VS 9.0). - bpo-29990: Fix range checking in GB18030 decoder. Original patch by Ma Lin. - bpo-30243: Removed the __init__ methods of _json's scanner and encoder. Misusing them could cause memory leaks or crashes. Now scanner and encoder objects are completely initialized in the __new__ methods. - bpo-26293: Change resulted because of zipfile breakage. (See also: bpo-29094) - bpo-30070: Fixed leaks and crashes in errors handling in the parser module. - bpo-30061: Fixed crashes in IOBase methods next() and readlines() when readline() or next() respectively return non-sizeable object. Fixed possible other errors caused by not checking results of PyObject_Size(), PySequence_Size(), or PyMapping_Size(). - bpo-30011: Fixed race condition in HTMLParser.unescape(). - bpo-30068: _io._IOBase.readlines will check if it's closed first when hint is present. - bpo-27863: Fixed multiple crashes in ElementTree caused by race conditions and wrong types. - bpo-29942: Fix a crash in itertools.chain.from_iterable when encountering long runs of empty iterables. - bpo-29861: Release references to tasks, their arguments and their results as soon as they are finished in multiprocessing.Pool. - bpo-27880: Fixed integer overflow in cPickle when pickle large strings or too many objects. - bpo-29110: Fix file object leak in aifc.open() when file is given as a filesystem path and is not in valid AIFF format. Original patch by Anthony Zhang. - bpo-29354: Fixed inspect.getargs() for parameters which are cell variables. - bpo-29335: Fix subprocess.Popen.wait() when the child process has exited to a stopped instead of terminated state (ex: when under ptrace). - bpo-29219: Fixed infinite recursion in the repr of uninitialized ctypes.CDLL instances. - bpo-29082: Fixed loading libraries in ctypes by unicode names on Windows. Original patch by Chi Hsuan Yen. - bpo-29188: Support glibc 2.24 on Linux: don't use getentropy() function but read from /dev/urandom to get random bytes, for example in os.urandom(). On Linux, getentropy() is implemented which getrandom() is blocking mode, whereas os.urandom() should not block. - bpo-29142: In urllib, suffixes in no_proxy environment variable with leading dots could match related hostnames again (e.g. .b.c matches a.b.c). Patch by Milan Oberkirch. - bpo-13051: Fixed recursion errors in large or resized curses.textpad.Textbox. Based on patch by Tycho Andersen. - bpo-9770: curses.ascii predicates now work correctly with negative integers. - bpo-28427: old keys should not remove new values from WeakValueDictionary when collecting from another thread. - bpo-28998: More APIs now support longs as well as ints. - bpo-28923: Remove editor artifacts from Tix.py, including encoding not recognized by codecs.lookup. - bpo-29019: Fix dict.fromkeys(x) overallocates when x is sparce dict. Original patch by Rasmus Villemoes. - bpo-19542: Fix bugs in WeakValueDictionary.setdefault() and WeakValueDictionary.pop() when a GC collection happens in another thread. - bpo-28925: cPickle now correctly propagates errors when unpickle instances of old-style classes. Documentation ------------- - bpo-27212: Modify documentation for the :func:`islice` recipe to consume initial values up to the start index. - bpo-32800: Update link to w3c doc for xml default namespaces. - bpo-17799: Explain real behaviour of sys.settrace and sys.setprofile and their C-API counterparts regarding which type of events are received in each function. Patch by Pablo Galindo Salgado. - bpo-8243: Add a note about curses.addch and curses.addstr exception behavior when writing outside a window, or pad. - bpo-21649: Add RFC 7525 and Mozilla server side TLS links to SSL documentation. - bpo-30176: Add missing attribute related constants in curses documentation. - bpo-28929: Link the documentation to its source file on GitHub. - bpo-26355: Add canonical header link on each page to corresponding major version of the documentation. Patch by Matthias Bussonnier. - bpo-12067: Rewrite Comparisons section in the Expressions chapter of the language reference. Some of the details of comparing mixed types were incorrect or ambiguous. Added default behaviour and consistency suggestions for user- defined classes. Based on patch from Andy Maier. Tests ----- - bpo-31719: Fix test_regrtest.test_crashed() on s390x. Add a new _testcapi._read_null() function to crash Python in a reliable way on s390x. On s390x, ctypes.string_at(0) returns an empty string rather than crashing. - bpo-31518: Debian Unstable has disabled TLS 1.0 and 1.1 for SSLv23_METHOD(). Change TLS/SSL protocol of some tests to PROTOCOL_TLS or PROTOCOL_TLSv1_2 to make them pass on Debian. - bpo-25674: Remove sha256.tbs-internet.com ssl test - bpo-11790: Fix sporadic failures in test_multiprocessing.WithProcessesTestCondition. - bpo-30236: Backported test.regrtest options -m/--match and -G/--failfast from Python 3. - bpo-30223: To unify running tests in Python 2.7 and Python 3, the test package can be run as a script. This is equivalent to running the test.regrtest module as a script. - bpo-30207: To simplify backports from Python 3, the test.test_support module was converted into a package and renamed to test.support. The test.script_helper module was moved into the test.support package. Names test.test_support and test.script_helper are left as aliases to test.support and test.support.script_helper. - bpo-30197: Enhanced function swap_attr() in the test.test_support module. It now works when delete replaced attribute inside the with statement. The old value of the attribute (or None if it doesn't exist) now will be assigned to the target of the "as" clause, if there is one. Also backported function swap_item(). - bpo-28087: Skip test_asyncore and test_eintr poll failures on macOS. Skip some tests of select.poll when running on macOS due to unresolved issues with the underlying system poll function on some macOS versions. - bpo-15083: Convert ElementTree doctests to unittests. Build ----- - bpo-33163: Upgrade pip to 9.0.3 and setuptools to v39.0.1. - bpo-32616: Disable computed gotos by default for clang < 5.0. It caused significant performance regression. - bpo-32635: Fix segfault of the crypt module when libxcrypt is provided instead of libcrypt at the system. - bpo-31934: Abort the build when building out of a not clean source tree. - bpo-31474: Fix -Wint-in-bool-context warnings in PyMem_MALLOC and PyMem_REALLOC macros - bpo-29243: Prevent unnecessary rebuilding of Python during ``make test``, ``make install`` and some other make targets when configured with ``--enable- optimizations``. - bpo-23404: Don't regenerate generated files based on file modification time anymore: the action is now explicit. Replace ``make touch`` with ``make regen-all``. - bpo-27593: sys.version and the platform module python_build(), python_branch(), and python_revision() functions now use git information rather than hg when building from a repo. - bpo-29643: Fix ``--enable-optimization`` configure option didn't work. - bpo-29572: Update Windows build and OS X installers to use OpenSSL 1.0.2k. - bpo-28768: Fix implicit declaration of function _setmode. Patch by Masayuki Yamamoto Windows ------- - bpo-33184: Update Windows build to use OpenSSL 1.0.2o. - bpo-32903: Fix a memory leak in os.chdir() on Windows if the current directory is set to a UNC path. - bpo-30855: Bump Tcl/Tk to 8.5.19. - bpo-30450: Pull build dependencies from GitHub rather than svn.python.org. macOS ----- - bpo-32726: Provide an additional, more modern macOS installer variant that supports macOS 10.9+ systems in 64-bit mode only. Upgrade the supplied third-party libraries to OpenSSL 1.0.2n and SQLite 3.22.0. The 10.9+ installer now supplies its own private copy of Tcl/Tk 8.6.8. - bpo-24414: Default macOS deployment target is now set by ``configure`` to the build system's OS version (as is done by Python 3), not ``10.4``; override with, for example, ``./configure MACOSX_DEPLOYMENT_TARGET=10.4``. - bpo-17128: All 2.7 macOS installer variants now supply their own version of ``OpenSSL 1.0.2``; the Apple-supplied SSL libraries and root certificates are not longer used. The ``Installer Certificate`` command in ``/Applications/Python 2.7`` may be used to download and install a default set of root certificates from the third-party ``certifi`` package. - bpo-11485: python.org macOS Pythons no longer supply a default SDK value (e.g. ``-isysroot /``) or specific compiler version default (e.g. ``gcc-4.2``) when building extension modules. Use ``CC``, ``SDKROOT``, and ``DEVELOPER_DIR`` environment variables to override compilers or to use an SDK. See Apple's ``xcrun`` man page for more info. - bpo-33184: Update macOS installer build to use OpenSSL 1.0.2o. Tools/Demos ----------- - bpo-31920: Fixed handling directories as arguments in the ``pygettext`` script. Based on patch by Oleg Krasnikov. - bpo-30109: Fixed Tools/scripts/reindent.py for non-ASCII files. It now processes files as binary streams. This also fixes "make reindent". - bpo-24960: 2to3 and lib2to3 can now read pickled grammar files using pkgutil.get_data() rather than probing the filesystem. This lets 2to3 and lib2to3 work when run from a zipfile. C API ----- - bpo-20891: Fix PyGILState_Ensure(). When PyGILState_Ensure() is called in a non-Python thread before PyEval_InitThreads(), only call PyEval_InitThreads() after calling PyThreadState_New() to fix a crash. - bpo-31626: When Python is built in debug mode, the memory debug hooks now fail with a fatal error if realloc() fails to shrink a memory block, because the debug hook just erased freed bytes without keeping a copy of them. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.67 2017/11/01 21:51:21 wiz Exp $ a21 1 SHA1 (patch-ah) = e74afa778af669605f9089e67b70953a271589a8 @ 1.67 log @python*: remove patch for py_curses.h that doesn't make sense to me (nor upstream) If this is still needed, please explain it. Thanks. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.66 2017/09/17 09:54:52 adam Exp $ d3 4 a6 4 SHA1 (Python-2.7.14.tar.xz) = cf146474fc988b4b6b53fdd81b71c2815873b469 RMD160 (Python-2.7.14.tar.xz) = 816553f988c661cfe31b6e89a513fdfbf87963d5 SHA512 (Python-2.7.14.tar.xz) = 78310b0be6388ffa15f29a80afb9ab3c03a572cb094e9da00cfe391afadb51696e41f592eb658d6a31a2f422fdac8a55214a382cbb8cfb43d4a127d5b35ea7f9 Size (Python-2.7.14.tar.xz) = 12576112 bytes d22 2 a23 2 SHA1 (patch-ah) = dbb36db1182748fae26320dbe0bc5f9006886b1c SHA1 (patch-al) = 541936b79f281db06761f4fa6a65a04e852b02b4 @ 1.67.4.1 log @Pullup ticket #5760 - requested by spz lang/python27: security fix Revisions pulled up: - lang/python27/PLIST.common 1.19 - lang/python27/dist.mk 1.15 - lang/python27/distinfo 1.68 - lang/python27/patches/patch-ah 1.9 - lang/python27/patches/patch-al 1.18 --- Module Name: pkgsrc Committed By: spz Date: Sat May 19 06:54:55 UTC 2018 Modified Files: pkgsrc/lang/python27: PLIST.common dist.mk distinfo pkgsrc/lang/python27/patches: patch-ah patch-al Log Message: update python27 by one teeny, fixing 3 vulnerabilities. Upstream changelog, slightly reordered: Security -------- - bpo-31530: Fixed crashes when iterating over a file on multiple threads. This resolves CVE-2018-1000030. - bpo-32997: A regex in fpformat was vulnerable to catastrophic backtracking. This regex was a potential DOS vector (REDOS). Based on typical uses of fpformat the risk seems low. The regex has been refactored and is now safe. Patch by Jamie Davis. - bpo-32981: Regexes in difflib and poplib were vulnerable to catastrophic backtracking. These regexes formed potential DOS vectors (REDOS). They have been refactored. This resolves CVE-2018-1060 and CVE-2018-1061. Patch by Jamie Davis. - bpo-31339: Rewrite time.asctime() and time.ctime(). Backport and adapt the _asctime() function from the master branch to not depend on the implementation of asctime() and ctime() from the external C library. This change fixes a bug when Python is run using the musl C library. - bpo-30730: Prevent environment variables injection in subprocess on Windows. Prevent passing other environment variables and command arguments. - bpo-30694: Upgrade expat copy from 2.2.0 to 2.2.1 to get fixes of multiple security vulnerabilities including: CVE-2017-9233 (External entity infinite loop DoS), CVE-2016-9063 (Integer overflow, re-fix), CVE-2016-0718 (Fix regression bugs from 2.2.0's fix to CVE-2016-0718) and CVE-2012-0876 (Counter hash flooding with SipHash). Note: the CVE-2016-5300 (Use os- specific entropy sources like getrandom) doesn't impact Python, since Python already gets entropy from the OS to set the expat secret using ``XML_SetHashSalt()``. - bpo-30500: Fix urllib.splithost() to correctly parse fragments. For example, ``splithost('//127.0.0.1#@@evil.com/')`` now correctly returns the ``127.0.0.1`` host, instead of treating ``@@evil.com`` as the host in an authentification (``login@@host``). - bpo-29591: Update expat copy from 2.1.1 to 2.2.0 to get fixes of CVE-2016-0718 and CVE-2016-4472. See https://sourceforge.net/p/expat/bugs/537/ for more information. Core and Builtins ----------------- - bpo-33374: Tweak the definition of PyGC_Head, so compilers do not believe it is always 16-byte aligned on x86. This prevents crashes with more aggressive optimizations present in GCC 8. - bpo-33026: Fixed jumping out of "with" block by setting f_lineno. - bpo-17288: Prevent jumps from 'return' and 'exception' trace events. - bpo-18533: ``repr()`` on a dict containing its own ``viewvalues()`` or ``viewitems()`` no longer raises ``RuntimeError``. Instead, use ``...``, as for other recursive structures. Patch by Ben North. - bpo-10544: Yield expressions are now deprecated in comprehensions and generator expressions when checking Python 3 compatibility. They are still permitted in the definition of the outermost iterable, as that is evaluated directly in the enclosing scope. - bpo-32137: The repr of deeply nested dict now raises a RecursionError instead of crashing due to a stack overflow. - bpo-20047: Bytearray methods partition() and rpartition() now accept only bytes-like objects as separator, as documented. In particular they now raise TypeError rather of returning a bogus result when an integer is passed as a separator. - bpo-31733: Add a new PYTHONSHOWREFCOUNT environment variable. In debug mode, Python now only print the total reference count if PYTHONSHOWREFCOUNT is set. - bpo-31692: Add a new PYTHONSHOWALLOCCOUNT environment variable. When Python is compiled with COUNT_ALLOCS, PYTHONSHOWALLOCCOUNT now has to be set to dump allocation counts into stderr on shutdown. Moreover, allocations statistics are now dumped into stderr rather than stdout. - bpo-31478: Prevent unwanted behavior in `_random.Random.seed()` in case the argument has a bad ``__abs__()`` method. Patch by Oren Milman. - bpo-31490: Fix an assertion failure in `ctypes` class definition, in case the class has an attribute whose name is specified in ``_anonymous_`` but not in ``_fields_``. Patch by Oren Milman. - bpo-31411: Raise a TypeError instead of SystemError in case warnings.onceregistry is not a dictionary. Patch by Oren Milman. - bpo-31343: Include sys/sysmacros.h for major(), minor(), and makedev(). GNU C libray plans to remove the functions from sys/types.h. - bpo-31311: Fix a crash in the ``__setstate__()`` method of `ctypes._CData`, in case of a bad ``__dict__``. Patch by Oren Milman. - bpo-31243: Fix a crash in some methods of `io.TextIOWrapper`, when the decoder's state is invalid. Patch by Oren Milman. - bpo-31095: Fix potential crash during GC caused by ``tp_dealloc`` which doesn't call ``PyObject_GC_UnTrack()``. - bpo-30657: Fixed possible integer overflow in PyString_DecodeEscape. Patch by Jay Bosamiya. - bpo-27945: Fixed various segfaults with dict when input collections are mutated during searching, inserting or comparing. Based on patches by Duane Griffin and Tim Mitchell. - bpo-25794: Fixed type.__setattr__() and type.__delattr__() for non- interned or unicode attribute names. Based on patch by Eryk Sun. - bpo-29935: Fixed error messages in the index() method of tuple and list when pass indices of wrong type. - bpo-28598: Support __rmod__ for subclasses of str being called before str.__mod__. Patch by Martijn Pieters. - bpo-29602: Fix incorrect handling of signed zeros in complex constructor for complex subclasses and for inputs having a __complex__ method. Patch by Serhiy Storchaka. - bpo-29347: Fixed possibly dereferencing undefined pointers when creating weakref objects. - bpo-14376: Allow sys.exit to accept longs as well as ints. Patch by Gareth Rees. - bpo-29028: Fixed possible use-after-free bugs in the subscription of the buffer object with custom index object. - bpo-29145: Fix overflow checks in string, bytearray and unicode. Patch by jan matejek and Xiang Zhang. - bpo-28932: Do not include if it does not exist. Library ------- - bpo-33096: Allow ttk.Treeview.insert to insert iid that has a false boolean value. Note iid=0 and iid=False would be same. Patch by Garvit Khatri. - bpo-33127: The ssl module now compiles with LibreSSL 2.7.1. - bpo-30622: The ssl module now detects missing NPN support in LibreSSL. - bpo-21060: Rewrite confusing message from setup.py upload from "No dist file created in earlier command" to the more helpful "Must create and upload files in one command". - bpo-30157: Fixed guessing quote and delimiter in csv.Sniffer.sniff() when only the last field is quoted. Patch by Jake Davis. - bpo-32647: The ctypes module used to depend on indirect linking for dlopen. The shared extension is now explicitly linked against libdl on platforms with dl. - bpo-32304: distutils' upload command no longer corrupts tar files ending with a CR byte, and no longer tries to convert CR to CRLF in any of the upload text fields. - bpo-31848: Fix the error handling in Aifc_read.initfp() when the SSND chunk is not found. Patch by Zackery Spytz. - bpo-32521: The nis module is now compatible with new libnsl and headers location. - bpo-32539: Fix ``OSError`` for ``os.listdir`` with deep paths (starting with ``\\?\``) on windows. Patch by Anthony Sottile. - bpo-32521: glibc has removed Sun RPC. Use replacement libtirpc headers and library in nis module. - bpo-18035: ``telnetlib``: ``select.error`` doesn't have an ``errno`` attribute. Patch by Segev Finer. - bpo-32185: The SSL module no longer sends IP addresses in SNI TLS extension on platforms with OpenSSL 1.0.2+ or inet_pton. - bpo-32186: Creating io.FileIO() and builtin file() objects now release the GIL when checking the file descriptor. io.FileIO.readall(), io.FileIO.read(), and file.read() now release the GIL when getting the file size. Fixed hang of all threads with inaccessible NFS server. Patch by Nir Soffer. - bpo-32110: ``codecs.StreamReader.read(n)`` now returns not more than *n* characters/bytes for non-negative *n*. This makes it compatible with ``read()`` methods of other file-like objects. - bpo-21149: Silence a `'NoneType' object is not callable` in `_removeHandlerRef` error that could happen when a logging Handler is destroyed as part of cyclic garbage collection during process shutdown. - bpo-31764: Prevent a crash in ``sqlite3.Cursor.close()`` in case the ``Cursor`` object is uninitialized. Patch by Oren Milman. - bpo-31955: Fix CCompiler.set_executable() of distutils to handle properly Unicode strings. - bpo-9678: Fixed determining the MAC address in the uuid module: * Using ifconfig on NetBSD and OpenBSD. * Using arp on Linux, FreeBSD, NetBSD and OpenBSD. Based on patch by Takayuki Shimizukawa. - bpo-30057: Fix potential missed signal in signal.signal(). - bpo-31927: Fixed reading arbitrary data when parse a AF_BLUETOOTH address on NetBSD and DragonFly BSD. - bpo-27666: Fixed stack corruption in curses.box() and curses.ungetmouse() when the size of types chtype or mmask_t is less than the size of C long. curses.box() now accepts characters as arguments. Based on patch by Steve Fink. - bpo-25720: Fix the method for checking pad state of curses WINDOW. Patch by Masayuki Yamamoto. - bpo-31893: Fixed the layout of the kqueue_event structure on OpenBSD and NetBSD. Fixed the comparison of the kqueue_event objects. - bpo-31891: Fixed building the curses module on NetBSD. - bpo-30058: Fixed buffer overflow in select.kqueue.control(). - bpo-31770: Prevent a crash when calling the ``__init__()`` method of a ``sqlite3.Cursor`` object more than once. Patch by Oren Milman. - bpo-31728: Prevent crashes in `_elementtree` due to unsafe cleanup of `Element.text` and `Element.tail`. Patch by Oren Milman. - bpo-31752: Fix possible crash in timedelta constructor called with custom integers. - bpo-31681: Fix pkgutil.get_data to avoid leaking open files. - bpo-31675: Fixed memory leaks in Tkinter's methods splitlist() and split() when pass a string larger than 2 GiB. - bpo-30806: Fix the string representation of a netrc object. - bpo-30347: Stop crashes when concurrently iterate over itertools.groupby() iterators. - bpo-25732: `functools.total_ordering()` now implements the `__ne__` method. - bpo-31351: python -m ensurepip now exits with non-zero exit code if pip bootstrapping has failed. - bpo-31544: The C accelerator module of ElementTree ignored exceptions raised when looking up TreeBuilder target methods in XMLParser(). - bpo-31455: The C accelerator module of ElementTree ignored exceptions raised when looking up TreeBuilder target methods in XMLParser(). - bpo-25404: SSLContext.load_dh_params() now supports non-ASCII path. - bpo-28958: ssl.SSLContext() now uses OpenSSL error information when a context cannot be instantiated. - bpo-27448: Work around a `gc.disable()` race condition in the `subprocess` module that could leave garbage collection disabled when multiple threads are spawning subprocesses at once. Users are *strongly encouraged* to use the `subprocess32` module from PyPI on Python 2.7 instead, it is much more reliable. - bpo-31170: expat: Update libexpat from 2.2.3 to 2.2.4. Fix copying of partial characters for UTF-8 input (libexpat bug 115): https://github.com/libexpat/libexpat/issues/115 - bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3. - bpo-31334: Fix ``poll.poll([timeout])`` in the ``select`` module for arbitrary negative timeouts on all OSes where it can only be a non- negative integer or -1. Patch by Riccardo Coccioli. - bpo-10746: Fix ctypes producing wrong PEP 3118 type codes for integer types. - bpo-30102: The ssl and hashlib modules now call OPENSSL_add_all_algorithms_noconf() on OpenSSL < 1.1.0. The function detects CPU features and enables optimizations on some CPU architectures such as POWER8. Patch is based on research from Gustavo Serra Scalet. - bpo-30502: Fix handling of long oids in ssl. Based on patch by Christian Heimes. - bpo-25684: Change ``ttk.OptionMenu`` radiobuttons to be unique across instances of ``OptionMenu``. - bpo-29169: Update zlib to 1.2.11. - bpo-30746: Prohibited the '=' character in environment variable names in ``os.putenv()`` and ``os.spawn*()``. - bpo-28994: The traceback no longer displayed for SystemExit raised in a callback registered by atexit. - bpo-30418: On Windows, subprocess.Popen.communicate() now also ignore EINVAL on stdin.write() if the child process is still running but closed the pipe. - bpo-30378: Fix the problem that logging.handlers.SysLogHandler cannot handle IPv6 addresses. - bpo-29960: Preserve generator state when _random.Random.setstate() raises an exception. Patch by Bryan Olson. - bpo-30310: tkFont now supports unicode options (e.g. font family). - bpo-30414: multiprocessing.Queue._feed background running thread do not break from main loop on exception. - bpo-30003: Fix handling escape characters in HZ codec. Based on patch by Ma Lin. - bpo-30375: Warnings emitted when compile a regular expression now always point to the line in the user code. Previously they could point into inners of the re module if emitted from inside of groups or conditionals. - bpo-30363: Running Python with the -3 option now warns about regular expression syntax that is invalid or has different semantic in Python 3 or will change the behavior in future Python versions. - bpo-30365: Running Python with the -3 option now emits deprecation warnings for getchildren() and getiterator() methods of the Element class in the xml.etree.cElementTree module and when pass the html argument to xml.etree.ElementTree.XMLParser(). - bpo-30365: Fixed a deprecation warning about the doctype() method of the xml.etree.ElementTree.XMLParser class. Now it is emitted only when define the doctype() method in the subclass of XMLParser. - bpo-30329: imaplib now catchs the Windows socket WSAEINVAL error (code 10022) on shutdown(SHUT_RDWR): An invalid operation was attempted. This error occurs sometimes on SSL connections. - bpo-30342: Fix sysconfig.is_python_build() if Python is built with Visual Studio 2008 (VS 9.0). - bpo-29990: Fix range checking in GB18030 decoder. Original patch by Ma Lin. - bpo-30243: Removed the __init__ methods of _json's scanner and encoder. Misusing them could cause memory leaks or crashes. Now scanner and encoder objects are completely initialized in the __new__ methods. - bpo-26293: Change resulted because of zipfile breakage. (See also: bpo-29094) - bpo-30070: Fixed leaks and crashes in errors handling in the parser module. - bpo-30061: Fixed crashes in IOBase methods next() and readlines() when readline() or next() respectively return non-sizeable object. Fixed possible other errors caused by not checking results of PyObject_Size(), PySequence_Size(), or PyMapping_Size(). - bpo-30011: Fixed race condition in HTMLParser.unescape(). - bpo-30068: _io._IOBase.readlines will check if it's closed first when hint is present. - bpo-27863: Fixed multiple crashes in ElementTree caused by race conditions and wrong types. - bpo-29942: Fix a crash in itertools.chain.from_iterable when encountering long runs of empty iterables. - bpo-29861: Release references to tasks, their arguments and their results as soon as they are finished in multiprocessing.Pool. - bpo-27880: Fixed integer overflow in cPickle when pickle large strings or too many objects. - bpo-29110: Fix file object leak in aifc.open() when file is given as a filesystem path and is not in valid AIFF format. Original patch by Anthony Zhang. - bpo-29354: Fixed inspect.getargs() for parameters which are cell variables. - bpo-29335: Fix subprocess.Popen.wait() when the child process has exited to a stopped instead of terminated state (ex: when under ptrace). - bpo-29219: Fixed infinite recursion in the repr of uninitialized ctypes.CDLL instances. - bpo-29082: Fixed loading libraries in ctypes by unicode names on Windows. Original patch by Chi Hsuan Yen. - bpo-29188: Support glibc 2.24 on Linux: don't use getentropy() function but read from /dev/urandom to get random bytes, for example in os.urandom(). On Linux, getentropy() is implemented which getrandom() is blocking mode, whereas os.urandom() should not block. - bpo-29142: In urllib, suffixes in no_proxy environment variable with leading dots could match related hostnames again (e.g. .b.c matches a.b.c). Patch by Milan Oberkirch. - bpo-13051: Fixed recursion errors in large or resized curses.textpad.Textbox. Based on patch by Tycho Andersen. - bpo-9770: curses.ascii predicates now work correctly with negative integers. - bpo-28427: old keys should not remove new values from WeakValueDictionary when collecting from another thread. - bpo-28998: More APIs now support longs as well as ints. - bpo-28923: Remove editor artifacts from Tix.py, including encoding not recognized by codecs.lookup. - bpo-29019: Fix dict.fromkeys(x) overallocates when x is sparce dict. Original patch by Rasmus Villemoes. - bpo-19542: Fix bugs in WeakValueDictionary.setdefault() and WeakValueDictionary.pop() when a GC collection happens in another thread. - bpo-28925: cPickle now correctly propagates errors when unpickle instances of old-style classes. Documentation ------------- - bpo-27212: Modify documentation for the :func:`islice` recipe to consume initial values up to the start index. - bpo-32800: Update link to w3c doc for xml default namespaces. - bpo-17799: Explain real behaviour of sys.settrace and sys.setprofile and their C-API counterparts regarding which type of events are received in each function. Patch by Pablo Galindo Salgado. - bpo-8243: Add a note about curses.addch and curses.addstr exception behavior when writing outside a window, or pad. - bpo-21649: Add RFC 7525 and Mozilla server side TLS links to SSL documentation. - bpo-30176: Add missing attribute related constants in curses documentation. - bpo-28929: Link the documentation to its source file on GitHub. - bpo-26355: Add canonical header link on each page to corresponding major version of the documentation. Patch by Matthias Bussonnier. - bpo-12067: Rewrite Comparisons section in the Expressions chapter of the language reference. Some of the details of comparing mixed types were incorrect or ambiguous. Added default behaviour and consistency suggestions for user- defined classes. Based on patch from Andy Maier. Tests ----- - bpo-31719: Fix test_regrtest.test_crashed() on s390x. Add a new _testcapi._read_null() function to crash Python in a reliable way on s390x. On s390x, ctypes.string_at(0) returns an empty string rather than crashing. - bpo-31518: Debian Unstable has disabled TLS 1.0 and 1.1 for SSLv23_METHOD(). Change TLS/SSL protocol of some tests to PROTOCOL_TLS or PROTOCOL_TLSv1_2 to make them pass on Debian. - bpo-25674: Remove sha256.tbs-internet.com ssl test - bpo-11790: Fix sporadic failures in test_multiprocessing.WithProcessesTestCondition. - bpo-30236: Backported test.regrtest options -m/--match and -G/--failfast from Python 3. - bpo-30223: To unify running tests in Python 2.7 and Python 3, the test package can be run as a script. This is equivalent to running the test.regrtest module as a script. - bpo-30207: To simplify backports from Python 3, the test.test_support module was converted into a package and renamed to test.support. The test.script_helper module was moved into the test.support package. Names test.test_support and test.script_helper are left as aliases to test.support and test.support.script_helper. - bpo-30197: Enhanced function swap_attr() in the test.test_support module. It now works when delete replaced attribute inside the with statement. The old value of the attribute (or None if it doesn't exist) now will be assigned to the target of the "as" clause, if there is one. Also backported function swap_item(). - bpo-28087: Skip test_asyncore and test_eintr poll failures on macOS. Skip some tests of select.poll when running on macOS due to unresolved issues with the underlying system poll function on some macOS versions. - bpo-15083: Convert ElementTree doctests to unittests. Build ----- - bpo-33163: Upgrade pip to 9.0.3 and setuptools to v39.0.1. - bpo-32616: Disable computed gotos by default for clang < 5.0. It caused significant performance regression. - bpo-32635: Fix segfault of the crypt module when libxcrypt is provided instead of libcrypt at the system. - bpo-31934: Abort the build when building out of a not clean source tree. - bpo-31474: Fix -Wint-in-bool-context warnings in PyMem_MALLOC and PyMem_REALLOC macros - bpo-29243: Prevent unnecessary rebuilding of Python during ``make test``, ``make install`` and some other make targets when configured with ``--enable- optimizations``. - bpo-23404: Don't regenerate generated files based on file modification time anymore: the action is now explicit. Replace ``make touch`` with ``make regen-all``. - bpo-27593: sys.version and the platform module python_build(), python_branch(), and python_revision() functions now use git information rather than hg when building from a repo. - bpo-29643: Fix ``--enable-optimization`` configure option didn't work. - bpo-29572: Update Windows build and OS X installers to use OpenSSL 1.0.2k. - bpo-28768: Fix implicit declaration of function _setmode. Patch by Masayuki Yamamoto Windows ------- - bpo-33184: Update Windows build to use OpenSSL 1.0.2o. - bpo-32903: Fix a memory leak in os.chdir() on Windows if the current directory is set to a UNC path. - bpo-30855: Bump Tcl/Tk to 8.5.19. - bpo-30450: Pull build dependencies from GitHub rather than svn.python.org. macOS ----- - bpo-32726: Provide an additional, more modern macOS installer variant that supports macOS 10.9+ systems in 64-bit mode only. Upgrade the supplied third-party libraries to OpenSSL 1.0.2n and SQLite 3.22.0. The 10.9+ installer now supplies its own private copy of Tcl/Tk 8.6.8. - bpo-24414: Default macOS deployment target is now set by ``configure`` to the build system's OS version (as is done by Python 3), not ``10.4``; override with, for example, ``./configure MACOSX_DEPLOYMENT_TARGET=10.4``. - bpo-17128: All 2.7 macOS installer variants now supply their own version of ``OpenSSL 1.0.2``; the Apple-supplied SSL libraries and root certificates are not longer used. The ``Installer Certificate`` command in ``/Applications/Python 2.7`` may be used to download and install a default set of root certificates from the third-party ``certifi`` package. - bpo-11485: python.org macOS Pythons no longer supply a default SDK value (e.g. ``-isysroot /``) or specific compiler version default (e.g. ``gcc-4.2``) when building extension modules. Use ``CC``, ``SDKROOT``, and ``DEVELOPER_DIR`` environment variables to override compilers or to use an SDK. See Apple's ``xcrun`` man page for more info. - bpo-33184: Update macOS installer build to use OpenSSL 1.0.2o. Tools/Demos ----------- - bpo-31920: Fixed handling directories as arguments in the ``pygettext`` script. Based on patch by Oleg Krasnikov. - bpo-30109: Fixed Tools/scripts/reindent.py for non-ASCII files. It now processes files as binary streams. This also fixes "make reindent". - bpo-24960: 2to3 and lib2to3 can now read pickled grammar files using pkgutil.get_data() rather than probing the filesystem. This lets 2to3 and lib2to3 work when run from a zipfile. C API ----- - bpo-20891: Fix PyGILState_Ensure(). When PyGILState_Ensure() is called in a non-Python thread before PyEval_InitThreads(), only call PyEval_InitThreads() after calling PyThreadState_New() to fix a crash. - bpo-31626: When Python is built in debug mode, the memory debug hooks now fail with a fatal error if realloc() fails to shrink a memory block, because the debug hook just erased freed bytes without keeping a copy of them. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 SHA1 (Python-2.7.15.tar.xz) = f99348a095ec4a6411c84c0d15343d11920c9724 RMD160 (Python-2.7.15.tar.xz) = 4bbb2b0012b82e1b27661a08305fad461371679f SHA512 (Python-2.7.15.tar.xz) = 27ea43eb45fc68f3d2469d5f07636e10801dee11635a430ec8ec922ed790bb426b072da94df885e4dfa1ea8b7a24f2f56dd92f9b0f51e162330f161216bd6de6 Size (Python-2.7.15.tar.xz) = 12642436 bytes d22 2 a23 2 SHA1 (patch-ah) = e74afa778af669605f9089e67b70953a271589a8 SHA1 (patch-al) = 999700e96dd227cdd16cea3ae1001eb887ab8fee @ 1.67.4.2 log @Pullup ticket #5764 - requested by leot lang/python27: build fix devel/py-curses: build fix Revisions pulled up: - devel/py-curses/Makefile 1.47 - lang/python27/distinfo 1.69 - lang/python27/patches/patch-ah deleted --- Module Name: pkgsrc Committed By: leot Date: Sun Jun 3 07:49:27 UTC 2018 Modified Files: pkgsrc/devel/py-curses: Makefile pkgsrc/lang/python27: distinfo Removed Files: pkgsrc/lang/python27/patches: patch-ah Log Message: python27: Remove patches/patch-ah (no longer needed) Since Python 2.7.15 patches/patch-ah is no longer needed and badly interfere (e.g. with it `curses.KEY_*' are no longer exposed): - Prototypes of NetBSD curses(3) are as described, no need to patch them - Avoid {lines,columns} -> {nlines,columns} rename, they are properly undef-ed due HAVE_TERM_H. - Use keyname() (it should be present since NetBSD 2.0) Bump PKGREVISION for devel/py-curses so it will be properly rebuild. Fixes PR pkg/53330 reported by . @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.67.4.1 2018/05/24 15:50:09 bsiegert Exp $ d22 1 @ 1.66 log @lang/python27: update to 2.7.14 Python 2.7.14: Core and Builtins - bpo-30657: Fixed possible integer overflow in PyString_DecodeEscape. - bpo-27945: Fixed various segfaults with dict when input collections are mutated during searching, inserting or comparing. Based on patches by Duane Griffin and Tim Mitchell. - bpo-25794: Fixed type.__setattr__() and type.__delattr__() for non-interned or unicode attribute names. Based on patch by Eryk Sun. - bpo-29935: Fixed error messages in the index() method of tuple and list when pass indices of wrong type. - bpo-28598: Support __rmod__ for subclasses of str being called before str.__mod__. Patch by Martijn Pieters. - bpo-29602: Fix incorrect handling of signed zeros in complex constructor for complex subclasses and for inputs having a __complex__ method. Patch by Serhiy Storchaka. - bpo-29347: Fixed possibly dereferencing undefined pointers when creating weakref objects. - Issue 14376: Allow sys.exit to accept longs as well as ints. Patch by Gareth Rees. - Issue 29028: Fixed possible use-after-free bugs in the subscription of the buffer object with custom index object. - Issue 29145: Fix overflow checks in string, bytearray and unicode. Patch by jan matejek and Xiang Zhang. - Issue 28932: Do not include if it does not exist. Extension Modules - bpo-31170: Update vendorized expat to 2.2.4. - Issue 29169: Update zlib to 1.2.11. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.65 2017/05/22 16:45:19 jperkin Exp $ a18 1 SHA1 (patch-aa) = d9626c1648d7ff2a7da7352665bcb05f4ab0412a @ 1.65 log @Fix SunOS build with GCC 7.1 which defaults to C11. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.64 2017/01/26 23:10:35 wiz Exp $ d3 4 a6 4 SHA1 (Python-2.7.13.tar.xz) = 18a8f30a0356c751b8d0ea6f76e764cab13ee046 RMD160 (Python-2.7.13.tar.xz) = be09518cdc335314de1c5ebe181690082ce780d7 SHA512 (Python-2.7.13.tar.xz) = f37c9a28ce129d01e63c84d7db627a06402854578f62d17927334ea21ede318e04bbf66e890e3f47c85333e6b19f6e5581fb3f3e27efd24be27017d1b6529c4b Size (Python-2.7.13.tar.xz) = 12495628 bytes d11 1 a27 1 SHA1 (patch-au) = 0ecdb937cbd58e3dbfa6fb94d1af5838619c77fd @ 1.64 log @Do not install bsddb185 module by default. Bump PKGREVISION. Based on patch from Jesus Cea on tech-pkg. If you need this module, let me know and we can package it separately. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.63 2017/01/08 19:49:15 wiz Exp $ d11 1 @ 1.63 log @regen for patch-ah @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.62 2017/01/05 23:16:42 roy Exp $ d23 1 a23 1 SHA1 (patch-am) = cf82bd1996aea8a8536bd37a74563bb85817c968 @ 1.62 log @Fix prior patches to use is_pad(3) rather than is_keypad(3). Bump py-curses. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.61 2017/01/04 14:14:28 roy Exp $ d21 1 a21 1 SHA1 (patch-ah) = 142634dab30923bb785e488af3561f09dda51549 @ 1.61 log @Fix typo in patch to address PR pkg/51778. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.60 2017/01/02 20:52:46 roy Exp $ d21 1 a21 1 SHA1 (patch-ah) = 98147908ab33274fa856c7aee98e49c9b7344967 @ 1.60 log @se ncurses is_keypad function rather than directly looking at the WINDOW structure. Include when needed and rename lines and columns vars to avoid conflicts. Builds and works with NetBSD-8 curses, so use mk/curses.buildlink3.mk and test for getsyx(3) in curses rather than indescriminately linking to ncurses. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.59 2016/12/30 10:53:21 adam Exp $ d21 1 a21 1 SHA1 (patch-ah) = f6e7ad94501bfee30dc7bb8336dbb4284e5ee84e @ 1.59 log @Changes 2.7.13: Core and Builtins ----------------- - Issue 28847: dumbdbm no longer writes the index file in when it is not changed and supports reading read-only files. - Issue 11145: Fixed miscellaneous issues with C-style formatting of types with custom __oct__ and __hex__. - Issue 24469: Fixed memory leak caused by int subclasses without overridden tp_free (e.g. C-inherited Cython classes). - Issue 19398: Extra slash no longer added to sys.path components in case of empty compile-time PYTHONPATH components. - Issue 21720: Improve exception message when the type of fromlist is unicode. fromlist parameter of __import__() only accepts str in Python 2 and this will help to identify the problem especially when the unicode_literals future import is used. - Issue 26906: Resolving special methods of uninitialized type now causes implicit initialization of the type instead of a fail. - Issue 18287: PyType_Ready() now checks that tp_name is not NULL. Original patch by Niklas Koep. - Issue 24098: Fixed possible crash when AST is changed in process of compiling it. - Issue 28350: String constants with null character no longer interned. - Issue 27942: String constants now interned recursively in tuples and frozensets. - Issue 15578: Correctly incref the parent module while importing. - Issue 26307: The profile-opt build now applies PGO to the built-in modules. - Issue 26020: set literal evaluation order did not match documented behaviour. - Issue 27870: A left shift of zero by a large integer no longer attempts to allocate large amounts of memory. - Issue 25604: Fix a minor bug in integer true division; this bug could potentially have caused off-by-one-ulp results on platforms with unreliable ldexp implementations. - Issue 27473: Fixed possible integer overflow in str, unicode and bytearray concatenations and repetitions. Based on patch by Xiang Zhang. - Issue 27507: Add integer overflow check in bytearray.extend(). Patch by Xiang Zhang. - Issue 27581: Don't rely on wrapping for overflow check in PySequence_Tuple(). Patch by Xiang Zhang. - Issue 23908: os functions, open() and the io.FileIO constructor now reject unicode paths with embedded null character on Windows instead of silently truncating them. - Issue 27514: Make having too many statically nested blocks a SyntaxError instead of SystemError. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.58 2016/07/26 16:44:28 kamil Exp $ d21 1 a21 1 SHA1 (patch-ah) = 90b19239d8a7c8abc3bbc05d49408a2c5da6174d @ 1.58 log @Add an option for Python: x11 Fix build on systems with disabled X11 Reported by , Andreas Kusalananda Kahari Tested by Andreas Kusalananda Kahari Possible direction is to make this switch by default disabled on Darwin. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.57 2016/07/23 18:28:26 kamil Exp $ d3 4 a6 4 SHA1 (Python-2.7.12.tar.xz) = 05360b8ade117b35e266b2004a7f1f11250c6dcd RMD160 (Python-2.7.12.tar.xz) = c330f6ac08ed67f307de0e726a288bab16c832d5 SHA512 (Python-2.7.12.tar.xz) = 6ddbbce47cc49597433d98ca05c2f62f07ed1070807b645602a8e9e9b996adc6fa66fa20a33cd7d23d4e7e925e25071d7301d288149fbe4e8c5f06d5438dda1f Size (Python-2.7.12.tar.xz) = 12390820 bytes @ 1.57 log @Fix dlopen(3) calls in _ctypes.so for X11BASE libraries A Python code can dynamically load shared libraries and it's wrapped with a plain dlopen(3) call. The holder of this interface (_ctypes module) without rpath set to X11BASE cannot detect libs like 'GL'. This might be the last step to fix issues with running GUI Python applications on NetBSD. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.56 2016/07/11 12:17:13 ryoon Exp $ d23 1 a23 1 SHA1 (patch-am) = 5e763a0fe26be562cf5e49e6313a9f18d9ee9908 @ 1.56 log @Bump PKGREVISION. Do not assume longer name for POSIX semaphore under NetBSD According to sem_open(3) man page, NetBSD supports 15 chars length. Fix SemLock errno 63 ENAMETOOLONG under NetBSD. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.55 2016/07/02 15:05:43 adam Exp $ d23 1 a23 1 SHA1 (patch-am) = a7697dda83b151fdd30d460bdcf5ab3cc057c92b @ 1.55 log @Changes 2.7.2: Core and Builtins ----------------- - Issue 20041: Fixed TypeError when frame.f_trace is set to None. Patch by Xavier de Gaye. - Issue 25702: A --with-lto configure option has been added that will enable link time optimizations at build time during a make profile-opt. Some compilers and toolchains are known to not produce stable code when using LTO, be sure to test things thoroughly before relying on it. It can provide a few % speed up over profile-opt alone. - Issue 26168: Fixed possible refleaks in failing Py_BuildValue() with the "N" format unit. - Issue 27039: Fixed bytearray.remove() for values greater than 127. Patch by Joe Jevnik. - Issue 4806: Avoid masking the original TypeError exception when using star (*) unpacking and the exception was raised from a generator. Based on patch by Hagen Fürstenau. - Issue 26659: Make the builtin slice type support cycle collection. - Issue 26718: super.__init__ no longer leaks memory if called multiple times. NOTE: A direct call of super.__init__ is not endorsed! - Issue 13410: Fixed a bug in PyUnicode_Format where it failed to properly ignore errors from a __int__() method. - Issue 26494: Fixed crash on iterating exhausting iterators. Affected classes are generic sequence iterators, iterators of bytearray, list, tuple, set, frozenset, dict, OrderedDict and corresponding views. - Issue 26581: If coding cookie is specified multiple times on a line in Python source code file, only the first one is taken to account. - Issue 22836: Ensure exception reports from PyErr_Display() and PyErr_WriteUnraisable() are sensible even when formatting them produces secondary errors. This affects the reports produced by sys.__excepthook__() and when __del__() raises an exception. - Issue 22847: Improve method cache efficiency. - Issue 25843: When compiling code, don't merge constants if they are equal but have a different types. For example, ``f1, f2 = lambda: 1, lambda: 1.0`` is now correctly compiled to two different functions: ``f1()`` returns ``1`` (``int``) and ``f2()`` returns ``1.0`` (``int``), even if ``1`` and ``1.0`` are equal. - Issue 22995: [UPDATE] Remove the one of the pickleability tests in _PyObject_GetState() due to regressions observed in Cython-based projects. - Issue 25961: Disallowed null characters in the type name. - Issue 22995: Instances of extension types with a state that aren't subclasses of list or dict and haven't implemented any pickle-related methods (__reduce__, __reduce_ex__, __getnewargs__, __getnewargs_ex__, or __getstate__), can no longer be pickled. Including memoryview. - Issue 20440: Massive replacing unsafe attribute setting code with special macro Py_SETREF. - Issue 25421: __sizeof__ methods of builtin types now use dynamic basic size. This allows sys.getsize() to work correctly with their subclasses with __slots__ defined. - Issue 19543: Added Py3k warning for decoding unicode. - Issue 24097: Fixed crash in object.__reduce__() if slot name is freed inside __getattr__. - Issue 24731: Fixed crash on converting objects with special methods __str__, __trunc__, and __float__ returning instances of subclasses of str, long, and float to subclasses of str, long, and float correspondingly. - Issue 26478: Fix semantic bugs when using binary operators with dictionary views and tuples. - Issue 26171: Fix possible integer overflow and heap corruption in zipimporter.get_data(). Library ------- - Issue 26556: Update expat to 2.1.1, fixes CVE-2015-1283. - Fix TLS stripping vulnerability in smptlib, CVE-2016-0772. Reported by Team Oststrom - Issue 7356: ctypes.util: Make parsing of ldconfig output independent of the locale. - Issue 25738: Stop BaseHTTPServer.BaseHTTPRequestHandler.send_error() from sending a message body for 205 Reset Content. Also, don't send the Content-Type header field in responses that don't have a body. Based on patch by Susumu Koshiba. - Issue 21313: Fix the "platform" module to tolerate when sys.version contains truncated build information. - Issue 27211: Fix possible memory corruption in io.IOBase.readline(). - Issue 27114: Fix SSLContext._load_windows_store_certs fails with PermissionError - Issue 14132: Fix urllib.request redirect handling when the target only has a query string. Fix by Ján Janech. - Removed the requirements for the ctypes and modulefinder modules to be compatible with earlier Python versions. - Issue 22274: In the subprocess module, allow stderr to be redirected to stdout even when stdout is not redirected. Patch by Akira Li. - Issue 12045: Avoid duplicate execution of command in ctypes.util._get_soname(). Patch by Sijin Joseph. - Issue 26960: Backported 16270 from Python 3 to Python 2, to prevent urllib from hanging when retrieving certain FTP files. - Issue 25745: Fixed leaking a userptr in curses panel destructor. - Issue 17765: weakref.ref() no longer silently ignores keyword arguments. Patch by Georg Brandl. - Issue 26873: xmlrpclib now raises ResponseError on unsupported type tags instead of silently return incorrect result. - Issue 24114: Fix an uninitialized variable in `ctypes.util`. The bug only occurs on SunOS when the ctypes implementation searches for the `crle` program. Patch by Xiang Zhang. Tested on SunOS by Kees Bos. - Issue 26864: In urllib, change the proxy bypass host checking against no_proxy to be case-insensitive, and to not match unrelated host names that happen to have a bypassed hostname as a suffix. Patch by Xiang Zhang. - Issue 26804: urllib will prefer lower_case proxy environment variables over UPPER_CASE or Mixed_Case ones. Patch contributed by Hans-Peter Jansen. - Issue 26837: assertSequenceEqual() now correctly outputs non-stringified differing items. This affects assertListEqual() and assertTupleEqual(). - Issue 26822: itemgetter, attrgetter and methodcaller objects no longer silently ignore keyword arguments. - Issue 26657: Fix directory traversal vulnerability with SimpleHTTPServer on Windows. This fixes a regression that was introduced in 2.7.7. Based on patch by Philipp Hagemeister. - Issue 19377: Add .svg to mimetypes.types_map. - Issue 13952: Add .csv to mimetypes.types_map. Patch by Geoff Wilson. - Issue 16329: Add .webm to mimetypes.types_map. Patch by Giampaolo Rodola'. - Issue 23735: Handle terminal resizing with Readline 6.3+ by installing our own SIGWINCH handler. Patch by Eric Price. - Issue 26644: Raise ValueError rather than SystemError when a negative length is passed to SSLSocket.recv() or read(). - Issue 23804: Fix SSL recv(0) and read(0) methods to return zero bytes instead of up to 1024. - Issue 24266: Ctrl+C during Readline history search now cancels the search mode when compiled with Readline 7. - Issue 23857: Implement PEP 493, adding a Python-2-only ssl module API and environment variable to configure the default handling of SSL/TLS certificates for HTTPS connections. - Issue 26313: ssl.py _load_windows_store_certs fails if windows cert store is empty. Patch by Baji. - Issue 26513: Fixes platform module detection of Windows Server - Issue 23718: Fixed parsing time in week 0 before Jan 1. Original patch by Tamás Bence Gedai. - Issue 26177: Fixed the keys() method for Canvas and Scrollbar widgets. - Issue 15068: Got rid of excessive buffering in the fileinput module. The bufsize parameter is no longer used. - Issue 2202: Fix UnboundLocalError in AbstractDigestAuthHandler.get_algorithm_impls. Initial patch by Mathieu Dupuy. - Issue 26475: Fixed debugging output for regular expressions with the (?x) flag. - Issue 26385: Remove the file if the internal fdopen() call in NamedTemporaryFile() fails. Based on patch by Silent Ghost. - Issue 26309: In the "socketserver" module, shut down the request (closing the connected socket) when verify_request() returns false. Based on patch by Aviv Palivoda. - Issue 25939: On Windows open the cert store readonly in ssl.enum_certificates. - Issue 24303: Fix random EEXIST upon multiprocessing semaphores creation with Linux PID namespaces enabled. - Issue 25698: Importing module if the stack is too deep no longer replaces imported module with the empty one. - Issue 12923: Reset FancyURLopener's redirect counter even if there is an exception. Based on patches by Brian Brazil and Daniel Rocco. - Issue 25945: Fixed a crash when unpickle the functools.partial object with wrong state. Fixed a leak in failed functools.partial constructor. "args" and "keywords" attributes of functools.partial have now always types tuple and dict correspondingly. - Issue 19883: Fixed possible integer overflows in zipimport. - Issue 26147: xmlrpclib now works with unicode not encodable with used non-UTF-8 encoding. - Issue 16620: Fixed AttributeError in msilib.Directory.glob(). - Issue 21847: Fixed xmlrpclib on Unicode-disabled builds. - Issue 6500: Fixed infinite recursion in urllib2.Request.__getattr__(). - Issue 26083: Workaround a subprocess bug that raises an incorrect "ValueError: insecure string pickle" exception instead of the actual exception on some platforms such as Mac OS X when an exception raised in the forked child process prior to the exec() was large enough that it overflowed the internal errpipe_read pipe buffer. - Issue 24103: Fixed possible use after free in ElementTree.iterparse(). - Issue 20954: _args_from_interpreter_flags used by multiprocessing and some tests no longer behaves incorrectly in the presence of the PYTHONHASHSEED environment variable. - Issue 14285: When executing a package with the "python -m package" option, and package initialization raises ImportError, a proper traceback is now reported. - Issue 6478: _strptime's regexp cache now is reset after changing timezone with time.tzset(). - Issue 25718: Fixed copying object with state with boolean value is false. - Issue 25742: :func:`locale.setlocale` now accepts a Unicode string for its second parameter. - Issue 10131: Fixed deep copying of minidom documents. Based on patch by Marian Ganisin. - Issue 25725: Fixed a reference leak in cPickle.loads() when unpickling invalid data including tuple instructions. - Issue 25663: In the Readline completer, avoid listing duplicate global names, and search the global namespace before searching builtins. - Issue 25688: Fixed file leak in ElementTree.iterparse() raising an error. - Issue 23914: Fixed SystemError raised by CPickle unpickler on broken data. - Issue 25924: Avoid unnecessary serialization of getaddrinfo(3) calls on OS X versions 10.5 or higher. Original patch by A. Jesse Jiryu Davis. - Issue 26406: Avoid unnecessary serialization of getaddrinfo(3) calls on current versions of OpenBSD and NetBSD. Patch by A. Jesse Jiryu Davis. IDLE ---- - Issue 5124: Paste with text selected now replaces the selection on X11. This matches how paste works on Windows, Mac, most modern Linux apps, and ttk widgets. Original patch by Serhiy Storchaka. - Issue 24759: Make clear in idlelib.idle_test.__init__ that the directory is a private implementation of test.test_idle and tool for maintainers. - Issue 26673: When tk reports font size as 0, change to size 10. Such fonts on Linux prevented the configuration dialog from opening. - Issue 27044: Add ConfigDialog.remove_var_callbacks to stop memory leaks. - In the 'IDLE-console differences' section of the IDLE doc, clarify how running with IDLE affects sys.modules and the standard streams. - Issue 25507: fix incorrect change in IOBinding that prevented printing. Change also prevented saving shell window with non-ascii characters. Augment IOBinding htest to include all major IOBinding functions. - Issue 25905: Revert unwanted conversion of ' to ’ RIGHT SINGLE QUOTATION MARK in README.txt and open this and NEWS.txt with 'ascii'. Re-encode CREDITS.txt to utf-8 and open it with 'utf-8'. - Issue 26417: Prevent spurious errors and incorrect defaults when installing IDLE 2.7 on OS X: default configuration settings are no longer installed from OS X specific copies. Documentation ------------- - Issue 26736: Used HTTPS for external links in the documentation if possible. - Issue 6953: Rework the Readline module documentation to group related functions together, and add more details such as what underlying Readline functions and variables are accessed. - Issue 26014: Guide users to the newer packaging documentation as was done for Python 3.x. In particular, the top-level 2.7 documentation page now links to the newer installer and distributions pages rather than the legacy install and Distutils pages; these are still linked to in the library/distutils doc page. Tests ----- - Issue 21916: Added tests for the turtle module. Patch by ingrid, Gregory Loyse and Jelle Zijlstra. - Issue 25940: Changed test_ssl to use self-signed.pythontest.net. This avoids relying on svn.python.org, which recently changed root certificate. - Issue 25616: Tests for OrderedDict are extracted from test_collections into separate file test_ordered_dict. Build ----- - Issue 22359: Avoid incorrect recursive $(MAKE), and disable the rules for running pgen when cross-compiling. The pgen output is normally saved with the source code anyway, and is still regenerated when doing a native build. Patch by Jonas Wagner and Xavier de Gaye. - Issue 19450: Update Windows builds to use SQLite 3.8.11.0. - Issue 27229: Fix the cross-compiling pgen rule for in-tree builds. Patch by Xavier de Gaye. - Issue 17603: Avoid error about nonexistant fileblocks.o file by using a lower-level check for st_blocks in struct stat. - Issue 26465: Update Windows builds to use OpenSSL 1.0.2g. - Issue 24421: Compile Modules/_math.c once, before building extensions. Previously it could fail to compile properly if the math and cmath builds were concurrent. - Issue 25824: Fixes sys.winver to not include any architecture suffix. - Issue 25348: Added ``--pgo`` and ``--pgo-job`` arguments to ``PCbuild\build.bat`` for building with Profile-Guided Optimization. The old ``PCbuild\build_pgo.bat`` script is now deprecated, and simply calls ``PCbuild\build.bat --pgo %*``. - Issue 25827: Add support for building with ICC to ``configure``, including a new ``--with-icc`` flag. - Issue 25696: Fix installation of Python on UNIX with make -j9. - Issue 26930: Update OS X 10.5+ 32-bit-only installer to build and link with OpenSSL 1.0.2h. - Issue 26268: Update Windows builds to use OpenSSL 1.0.2f. - Issue 25136: Support Apple Xcode 7's new textual SDK stub libraries. Tools/Demos ----------- - Issue 26799: Fix python-gdb.py: don't get C types once when the Python code is loaded, but get C types on demand. The C types can change if python-gdb.py is loaded before the Python executable. Patch written by Thomas Ilsche. C API ----- - Issue 26476: Fixed compilation error when use PyErr_BadInternalCall() in C++. Patch by Jeroen Demeyer. Misc ---- - Issue 17500, and https://github.com/python/pythondotorg/issues/945: Remove unused and outdated icons. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.54 2016/02/06 11:25:09 tron Exp $ d11 1 @ 1.54 log @Use the "cacert.pem" file from the "mozilla-rootcerts" package as an *extra* location to load CA certificates from in the "ssl" module. HTTPS requests to a site with a valid certificate now work out of the box (even without the "mozilla-rootcerts-openssl"). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.53 2015/12/06 18:22:35 adam Exp $ d3 4 a6 4 SHA1 (Python-2.7.11.tar.xz) = c3b8bbe3f084c4d4ea13ffb03d75a5e22f9756ff RMD160 (Python-2.7.11.tar.xz) = 215c72b1d81e878a675984783ed8df041ee7539c SHA512 (Python-2.7.11.tar.xz) = 72166763a2fe6aab45ecf378f55a1efc7322d1742c4638bae84f4ed4b9fb4c01f2a0293733c64426ae2c70df24d95ff2b1e2a4f3c2715de00d8f320d4d939ea0 Size (Python-2.7.11.tar.xz) = 12277476 bytes d9 1 a9 1 SHA1 (patch-Lib_distutils_unixccompiler.py) = def4142633b8f6b75e905b5c57be1d5c19b42d33 @ 1.54.4.1 log @Pullup ticket #5090 - requested by sevan lang/python27: security fix Revisions pulled up: - lang/python27/Makefile 1.61 - lang/python27/PLIST.common 1.15 - lang/python27/dist.mk 1.12 - lang/python27/distinfo 1.55 - lang/python27/patches/patch-Lib_distutils_unixccompiler.py 1.4 --- Module Name: pkgsrc Committed By: adam Date: Sat Jul 2 15:05:43 UTC 2016 Modified Files: pkgsrc/lang/python27: Makefile PLIST.common dist.mk distinfo pkgsrc/lang/python27/patches: patch-Lib_distutils_unixccompiler.py Log Message: Changes 2.7.2: Core and Builtins ----------------- - Issue 20041: Fixed TypeError when frame.f_trace is set to None. Patch by Xavier de Gaye. - Issue 25702: A --with-lto configure option has been added that will enable link time optimizations at build time during a make profile-opt. Some compilers and toolchains are known to not produce stable code when using LTO, be sure to test things thoroughly before relying on it. It can provide a few % speed up over profile-opt alone. - Issue 26168: Fixed possible refleaks in failing Py_BuildValue() with the "N" format unit. - Issue 27039: Fixed bytearray.remove() for values greater than 127. Patch by Joe Jevnik. - Issue 4806: Avoid masking the original TypeError exception when using star (*) unpacking and the exception was raised from a generator. Based on patch by Hagen Fu:rstenau. - Issue 26659: Make the builtin slice type support cycle collection. - Issue 26718: super.__init__ no longer leaks memory if called multiple times. NOTE: A direct call of super.__init__ is not endorsed! - Issue 13410: Fixed a bug in PyUnicode_Format where it failed to properly ignore errors from a __int__() method. - Issue 26494: Fixed crash on iterating exhausting iterators. Affected classes are generic sequence iterators, iterators of bytearray, list, tuple, set, frozenset, dict, OrderedDict and corresponding views. - Issue 26581: If coding cookie is specified multiple times on a line in Python source code file, only the first one is taken to account. - Issue 22836: Ensure exception reports from PyErr_Display() and PyErr_WriteUnraisable() are sensible even when formatting them produces secondary errors. This affects the reports produced by sys.__excepthook__() and when __del__() raises an exception. - Issue 22847: Improve method cache efficiency. - Issue 25843: When compiling code, don't merge constants if they are equal but have a different types. For example, ``f1, f2 = lambda: 1, lambda: 1.0`` is now correctly compiled to two different functions: ``f1()`` returns ``1`` (``int``) and ``f2()`` returns ``1.0`` (``int``), even if ``1`` and ``1.0`` are equal. - Issue 22995: [UPDATE] Remove the one of the pickleability tests in _PyObject_GetState() due to regressions observed in Cython-based projects. - Issue 25961: Disallowed null characters in the type name. - Issue 22995: Instances of extension types with a state that aren't subclasses of list or dict and haven't implemented any pickle-related methods (__reduce__, __reduce_ex__, __getnewargs__, __getnewargs_ex__, or __getstate__), can no longer be pickled. Including memoryview. - Issue 20440: Massive replacing unsafe attribute setting code with special macro Py_SETREF. - Issue 25421: __sizeof__ methods of builtin types now use dynamic basic size. This allows sys.getsize() to work correctly with their subclasses with __slots__ defined. - Issue 19543: Added Py3k warning for decoding unicode. - Issue 24097: Fixed crash in object.__reduce__() if slot name is freed inside __getattr__. - Issue 24731: Fixed crash on converting objects with special methods __str__, __trunc__, and __float__ returning instances of subclasses of str, long, and float to subclasses of str, long, and float correspondingly. - Issue 26478: Fix semantic bugs when using binary operators with dictionary views and tuples. - Issue 26171: Fix possible integer overflow and heap corruption in zipimporter.get_data(). Library ------- - Issue 26556: Update expat to 2.1.1, fixes CVE-2015-1283. - Fix TLS stripping vulnerability in smptlib, CVE-2016-0772. Reported by Team Oststrom - Issue 7356: ctypes.util: Make parsing of ldconfig output independent of the locale. - Issue 25738: Stop BaseHTTPServer.BaseHTTPRequestHandler.send_error() from sending a message body for 205 Reset Content. Also, don't send the Content-Type header field in responses that don't have a body. Based on patch by Susumu Koshiba. - Issue 21313: Fix the "platform" module to tolerate when sys.version contains truncated build information. - Issue 27211: Fix possible memory corruption in io.IOBase.readline(). - Issue 27114: Fix SSLContext._load_windows_store_certs fails with PermissionError - Issue 14132: Fix urllib.request redirect handling when the target only has a query string. Fix by Ja'n Janech. - Removed the requirements for the ctypes and modulefinder modules to be compatible with earlier Python versions. - Issue 22274: In the subprocess module, allow stderr to be redirected to stdout even when stdout is not redirected. Patch by Akira Li. - Issue 12045: Avoid duplicate execution of command in ctypes.util._get_soname(). Patch by Sijin Joseph. - Issue 26960: Backported 16270 from Python 3 to Python 2, to prevent urllib from hanging when retrieving certain FTP files. - Issue 25745: Fixed leaking a userptr in curses panel destructor. - Issue 17765: weakref.ref() no longer silently ignores keyword arguments. Patch by Georg Brandl. - Issue 26873: xmlrpclib now raises ResponseError on unsupported type tags instead of silently return incorrect result. - Issue 24114: Fix an uninitialized variable in `ctypes.util`. The bug only occurs on SunOS when the ctypes implementation searches for the `crle` program. Patch by Xiang Zhang. Tested on SunOS by Kees Bos. - Issue 26864: In urllib, change the proxy bypass host checking against no_proxy to be case-insensitive, and to not match unrelated host names that happen to have a bypassed hostname as a suffix. Patch by Xiang Zhang. - Issue 26804: urllib will prefer lower_case proxy environment variables over UPPER_CASE or Mixed_Case ones. Patch contributed by Hans-Peter Jansen. - Issue 26837: assertSequenceEqual() now correctly outputs non-stringified differing items. This affects assertListEqual() and assertTupleEqual(). - Issue 26822: itemgetter, attrgetter and methodcaller objects no longer silently ignore keyword arguments. - Issue 26657: Fix directory traversal vulnerability with SimpleHTTPServer on Windows. This fixes a regression that was introduced in 2.7.7. Based on patch by Philipp Hagemeister. - Issue 19377: Add .svg to mimetypes.types_map. - Issue 13952: Add .csv to mimetypes.types_map. Patch by Geoff Wilson. - Issue 16329: Add .webm to mimetypes.types_map. Patch by Giampaolo Rodola'. - Issue 23735: Handle terminal resizing with Readline 6.3+ by installing our own SIGWINCH handler. Patch by Eric Price. - Issue 26644: Raise ValueError rather than SystemError when a negative length is passed to SSLSocket.recv() or read(). - Issue 23804: Fix SSL recv(0) and read(0) methods to return zero bytes instead of up to 1024. - Issue 24266: Ctrl+C during Readline history search now cancels the search mode when compiled with Readline 7. - Issue 23857: Implement PEP 493, adding a Python-2-only ssl module API and environment variable to configure the default handling of SSL/TLS certificates for HTTPS connections. - Issue 26313: ssl.py _load_windows_store_certs fails if windows cert store is empty. Patch by Baji. - Issue 26513: Fixes platform module detection of Windows Server - Issue 23718: Fixed parsing time in week 0 before Jan 1. Original patch by Tama's Bence Gedai. - Issue 26177: Fixed the keys() method for Canvas and Scrollbar widgets. - Issue 15068: Got rid of excessive buffering in the fileinput module. The bufsize parameter is no longer used. - Issue 2202: Fix UnboundLocalError in AbstractDigestAuthHandler.get_algorithm_impls. Initial patch by Mathieu Dupuy. - Issue 26475: Fixed debugging output for regular expressions with the (?x) flag. - Issue 26385: Remove the file if the internal fdopen() call in NamedTemporaryFile() fails. Based on patch by Silent Ghost. - Issue 26309: In the "socketserver" module, shut down the request (closing the connected socket) when verify_request() returns false. Based on patch by Aviv Palivoda. - Issue 25939: On Windows open the cert store readonly in ssl.enum_certificates. - Issue 24303: Fix random EEXIST upon multiprocessing semaphores creation with Linux PID namespaces enabled. - Issue 25698: Importing module if the stack is too deep no longer replaces imported module with the empty one. - Issue 12923: Reset FancyURLopener's redirect counter even if there is an exception. Based on patches by Brian Brazil and Daniel Rocco. - Issue 25945: Fixed a crash when unpickle the functools.partial object with wrong state. Fixed a leak in failed functools.partial constructor. "args" and "keywords" attributes of functools.partial have now always types tuple and dict correspondingly. - Issue 19883: Fixed possible integer overflows in zipimport. - Issue 26147: xmlrpclib now works with unicode not encodable with used non-UTF-8 encoding. - Issue 16620: Fixed AttributeError in msilib.Directory.glob(). - Issue 21847: Fixed xmlrpclib on Unicode-disabled builds. - Issue 6500: Fixed infinite recursion in urllib2.Request.__getattr__(). - Issue 26083: Workaround a subprocess bug that raises an incorrect "ValueError: insecure string pickle" exception instead of the actual exception on some platforms such as Mac OS X when an exception raised in the forked child process prior to the exec() was large enough that it overflowed the internal errpipe_read pipe buffer. - Issue 24103: Fixed possible use after free in ElementTree.iterparse(). - Issue 20954: _args_from_interpreter_flags used by multiprocessing and some tests no longer behaves incorrectly in the presence of the PYTHONHASHSEED environment variable. - Issue 14285: When executing a package with the "python -m package" option, and package initialization raises ImportError, a proper traceback is now reported. - Issue 6478: _strptime's regexp cache now is reset after changing timezone with time.tzset(). - Issue 25718: Fixed copying object with state with boolean value is false. - Issue 25742: :func:`locale.setlocale` now accepts a Unicode string for its second parameter. - Issue 10131: Fixed deep copying of minidom documents. Based on patch by Marian Ganisin. - Issue 25725: Fixed a reference leak in cPickle.loads() when unpickling invalid data including tuple instructions. - Issue 25663: In the Readline completer, avoid listing duplicate global names, and search the global namespace before searching builtins. - Issue 25688: Fixed file leak in ElementTree.iterparse() raising an error. - Issue 23914: Fixed SystemError raised by CPickle unpickler on broken data. - Issue 25924: Avoid unnecessary serialization of getaddrinfo(3) calls on OS X versions 10.5 or higher. Original patch by A. Jesse Jiryu Davis. - Issue 26406: Avoid unnecessary serialization of getaddrinfo(3) calls on current versions of OpenBSD and NetBSD. Patch by A. Jesse Jiryu Davis. IDLE ---- - Issue 5124: Paste with text selected now replaces the selection on X11. This matches how paste works on Windows, Mac, most modern Linux apps, and ttk widgets. Original patch by Serhiy Storchaka. - Issue 24759: Make clear in idlelib.idle_test.__init__ that the directory is a private implementation of test.test_idle and tool for maintainers. - Issue 26673: When tk reports font size as 0, change to size 10. Such fonts on Linux prevented the configuration dialog from opening. - Issue 27044: Add ConfigDialog.remove_var_callbacks to stop memory leaks. - In the 'IDLE-console differences' section of the IDLE doc, clarify how running with IDLE affects sys.modules and the standard streams. - Issue 25507: fix incorrect change in IOBinding that prevented printing. Change also prevented saving shell window with non-ascii characters. Augment IOBinding htest to include all major IOBinding functions. - Issue 25905: Revert unwanted conversion of ' to ? RIGHT SINGLE QUOTATION MARK in README.txt and open this and NEWS.txt with 'ascii'. Re-encode CREDITS.txt to utf-8 and open it with 'utf-8'. - Issue 26417: Prevent spurious errors and incorrect defaults when installing IDLE 2.7 on OS X: default configuration settings are no longer installed from OS X specific copies. Documentation ------------- - Issue 26736: Used HTTPS for external links in the documentation if possible. - Issue 6953: Rework the Readline module documentation to group related functions together, and add more details such as what underlying Readline functions and variables are accessed. - Issue 26014: Guide users to the newer packaging documentation as was done for Python 3.x. In particular, the top-level 2.7 documentation page now links to the newer installer and distributions pages rather than the legacy install and Distutils pages; these are still linked to in the library/distutils doc page. Tests ----- - Issue 21916: Added tests for the turtle module. Patch by ingrid, Gregory Loyse and Jelle Zijlstra. - Issue 25940: Changed test_ssl to use self-signed.pythontest.net. This avoids relying on svn.python.org, which recently changed root certificate. - Issue 25616: Tests for OrderedDict are extracted from test_collections into separate file test_ordered_dict. Build ----- - Issue 22359: Avoid incorrect recursive $(MAKE), and disable the rules for running pgen when cross-compiling. The pgen output is normally saved with the source code anyway, and is still regenerated when doing a native build. Patch by Jonas Wagner and Xavier de Gaye. - Issue 19450: Update Windows builds to use SQLite 3.8.11.0. - Issue 27229: Fix the cross-compiling pgen rule for in-tree builds. Patch by Xavier de Gaye. - Issue 17603: Avoid error about nonexistant fileblocks.o file by using a lower-level check for st_blocks in struct stat. - Issue 26465: Update Windows builds to use OpenSSL 1.0.2g. - Issue 24421: Compile Modules/_math.c once, before building extensions. Previously it could fail to compile properly if the math and cmath builds were concurrent. - Issue 25824: Fixes sys.winver to not include any architecture suffix. - Issue 25348: Added ``--pgo`` and ``--pgo-job`` arguments to ``PCbuild\build.bat`` for building with Profile-Guided Optimization. The old ``PCbuild\build_pgo.bat`` script is now deprecated, and simply calls ``PCbuild\build.bat --pgo %*``. - Issue 25827: Add support for building with ICC to ``configure``, including a new ``--with-icc`` flag. - Issue 25696: Fix installation of Python on UNIX with make -j9. - Issue 26930: Update OS X 10.5+ 32-bit-only installer to build and link with OpenSSL 1.0.2h. - Issue 26268: Update Windows builds to use OpenSSL 1.0.2f. - Issue 25136: Support Apple Xcode 7's new textual SDK stub libraries. Tools/Demos ----------- - Issue 26799: Fix python-gdb.py: don't get C types once when the Python code is loaded, but get C types on demand. The C types can change if python-gdb.py is loaded before the Python executable. Patch written by Thomas Ilsche. C API ----- - Issue 26476: Fixed compilation error when use PyErr_BadInternalCall() in C++. Patch by Jeroen Demeyer. Misc ---- - Issue 17500, and https://github.com/python/pythondotorg/issues/945: Remove unused and outdated icons. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 SHA1 (Python-2.7.12.tar.xz) = 05360b8ade117b35e266b2004a7f1f11250c6dcd RMD160 (Python-2.7.12.tar.xz) = c330f6ac08ed67f307de0e726a288bab16c832d5 SHA512 (Python-2.7.12.tar.xz) = 6ddbbce47cc49597433d98ca05c2f62f07ed1070807b645602a8e9e9b996adc6fa66fa20a33cd7d23d4e7e925e25071d7301d288149fbe4e8c5f06d5438dda1f Size (Python-2.7.12.tar.xz) = 12390820 bytes d9 1 a9 1 SHA1 (patch-Lib_distutils_unixccompiler.py) = db16c9aca2f29730945f28247b88b18828739bbb @ 1.53 log @Python 2.7.11 is the latest bugfix release of the Python 2.7 series. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.52 2015/11/03 22:50:42 agc Exp $ d11 1 @ 1.52 log @Add SHA512 digests for distfiles for lang category Problems found with existing digests: Package nhc98 distfile nhc98src-1.22.tar.gz a8adc8f22371998ee0657bc0e01058a57d876abc [recorded] 81975fcb5f1dda5efeaabc30ce8c6dceae55e591 [calculated] Problems found locating distfiles: Package gcc-aux: missing distfile ada-bootstrap.i386.dragonfly.36A.tar.bz2 Package gcc-aux: missing distfile ada-bootstrap.i386.freebsd.84.tar.bz2 Package gcc-aux: missing distfile ada-bootstrap.x86_64.dragonfly.36A.tar.bz2 Package gcc-aux: missing distfile ada-bootstrap.x86_64.freebsd.84.tar.bz2 Package gcc-aux: missing distfile ada-bootstrap.x86_64.solaris.511.tar.bz2 Package gcc5-aux: missing distfile ada-bootstrap.i386.dragonfly.36A.tar.bz2 Package gcc5-aux: missing distfile ada-bootstrap.i386.freebsd.84.tar.bz2 Package gcc5-aux: missing distfile ada-bootstrap.x86_64.dragonfly.36A.tar.bz2 Package gcc5-aux: missing distfile ada-bootstrap.x86_64.freebsd.84.tar.bz2 Package gcc5-aux: missing distfile ada-bootstrap.x86_64.solaris.511.tar.bz2 Package ghc7: missing distfile ghc-7.6.3-boot-i386-unknown-freebsd.tar.xz Package icc11: missing distfile l_cproc_p_11.1.080.tgz Package jini: missing distfile jini-1_2_1_001-src.zip Package oo2c: missing distfile oo2c_32-2.0.11.tar.bz2 Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-freebsd-10-amd64-20150301.tar.xz Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-5-i386-20150301.tar.xz Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-6-i386-20150301.tar.xz Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-earmv6hf-20150306.tar.xz Package openjdk7: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-sparc64-20150301.tar.xz Package openjdk7: missing distfile openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.8-amd64-20140719.tar.bz2 Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-freebsd-10-amd64-20150301.tar.xz Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-5-i386-20150301.tar.xz Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-6-i386-20150301.tar.xz Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-earmv6hf-20150306.tar.xz Package openjdk8: missing distfile openjdk7/bootstrap-jdk-1.7.76-netbsd-7-sparc64-20150301.tar.xz Package openjdk8: missing distfile openjdk7/bootstrap-jdk7u60-bin-dragonfly-3.8-amd64-20140719.tar.bz2 Package oracle-jdk8: missing distfile jdk-8u60-linux-i586.tar.gz Package oracle-jdk8: missing distfile jdk-8u60-solaris-x64.tar.gz Package oracle-jre8: missing distfile jre-8u60-linux-i586.tar.gz Package oracle-jre8: missing distfile jre-8u60-solaris-x64.tar.gz Package sun-jdk6: missing distfile jdk-6u45-linux-i586.bin Package sun-jdk6: missing distfile jdk-6u45-solaris-i586.sh Package sun-jdk7: missing distfile jdk-7u72-linux-i586.tar.gz Package sun-jdk7: missing distfile jdk-7u72-solaris-i586.tar.gz Package sun-jre6: missing distfile jce_policy-6.zip Package sun-jre6: missing distfile jre-6u45-linux-x64.bin Package sun-jre6: missing distfile jre-6u45-solaris-x64.sh Package sun-jre7: missing distfile jre-7u72-linux-i586.tar.gz Package sun-jre7: missing distfile jre-7u72-solaris-i586.tar.gz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.51 2015/05/24 07:44:07 adam Exp $ d3 4 a6 4 SHA1 (Python-2.7.10.tar.xz) = ee5a50c5562e7448f037d35fdedc18d95c748b9e RMD160 (Python-2.7.10.tar.xz) = eb003de9bb52fc2c6a2d2e3dcb816ba0c56751d0 SHA512 (Python-2.7.10.tar.xz) = 67615a6defbcda062f15a09f9dd3b9441afd01a8cc3255e5bc45b925378a0ddc38d468b7701176f6cc153ec52a4f21671b433780d9bde343aa9b9c1b2ae29feb Size (Python-2.7.10.tar.xz) = 12250696 bytes a12 1 SHA1 (patch-Modules_mmapmodule.c) = 3f401b59883af3232b6c77a76a08e5feffa77044 d24 1 a24 1 SHA1 (patch-au) = dcfac01d19dd3fc1eaa3b59a440f5c393c373f9e @ 1.51 log @Changes 2.7.10: This is a bug-fix release. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.50 2015/04/24 03:01:35 rodent Exp $ d5 1 @ 1.50 log @Add patch from: https://hg.python.org/cpython/rev/eddcb6671a48 to fix build with LibreSSL and stop our OpenBSD bulk builds from being murdered. Defuzz patches. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.49 2015/03/03 17:19:58 snj Exp $ d3 3 a5 4 SHA1 (Python-2.7.9.tar.xz) = 3172f6e957713c2d9fca462cc16068222fd1b9d3 RMD160 (Python-2.7.9.tar.xz) = 2b047c3b56987b473c3ca957ad87f5582c37d6f6 Size (Python-2.7.9.tar.xz) = 12164712 bytes SHA1 (patch-Doc_library_ssl.rst) = f8fe95057675486bf9dbac30bad442e79ea75136 a8 1 SHA1 (patch-Lib_dumbdb.py) = 56c15b68bafbdbcc009a9210019607293559dd32 a9 5 SHA1 (patch-Lib_socket.py) = d22b4f0721124313f031e03c36149c90dc39f714 SHA1 (patch-Lib_ssl.py) = 33d5fde22614a4cba75159ea1c7aff92169dbfba SHA1 (patch-Lib_test_test__dumbdbm.py) = ec743572b23e5a7cebd2556a13bbd7d5692e639d SHA1 (patch-Lib_test_test__ssl.py) = 1c423632b2fe66dee0ee35e10cdc4704dba0d185 SHA1 (patch-Modules___ssl.c) = ba5800d57cbfb1ca29dbfaf2d57ba196669f2684 d20 1 a20 1 SHA1 (patch-al) = d605a47a8aaac7b928af88d22429ce9e557f271b d29 1 a29 2 SHA1 (patch-configure.ac) = 88daa10dc8cdfd490c911ad9f2143f4ec6a82e12 SHA1 (patch-pyconfig.h.in) = a52a02cbc7ce7c988e0169a92e58342762e7ce0a @ 1.49 log @Fix http://bugs.python.org/issue22885 with patch from that URL. Bump PKGREVISION to 1. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.48 2014/12/16 07:07:32 chopps Exp $ d6 33 a38 27 SHA1 (patch-Include_pyerrors.h) = 3eba043c83b1d1df4918524f7b53047a6ed372ae SHA1 (patch-Include_pyport.h) = 971c7c548b92595712d0d70a0917a0ccc83b6c7e SHA1 (patch-Lib_distutils_unixccompiler.py) = 39b967dc2ae648143d5841f22602a21063b4d5ea SHA1 (patch-Lib_dumbdb.py) = b4b154f511c8852e2f869653eccd7d9a1c21e734 SHA1 (patch-Lib_multiprocessing_process.py) = b47ad4cbeddbcfb4342c08c84d0d515a793815d4 SHA1 (patch-Lib_test_test__dumbdbm.py) = f59f0d8bbf910bac369528129b564597a77379ba SHA1 (patch-Modules_getaddrinfo.c) = 696c58c4c4bbb710fb1508d7d88864d0b08cfc79 SHA1 (patch-Modules_getpath.c) = aa8a54717a85f831e3ceaad19d96c43bc38aef10 SHA1 (patch-Modules_mmapmodule.c) = 87ea76e6d8263045c1ca794ff5c75ed631a74b6d SHA1 (patch-Modules_posixmodule.c) = b8960592611499202bb5ff8521d619e0637177b6 SHA1 (patch-Modules_socketmodule.c) = 960ce4af2a142c471c707de446f2d390044bbc13 SHA1 (patch-aa) = 990e4025bb6a37715e1f5df1831499f0ab08acfa SHA1 (patch-ab) = 6a38874aaaccc878541554546835ccbf6136bbd5 SHA1 (patch-ad) = 061aefac15fe3834271770f0fd225e12f84d961a SHA1 (patch-ae) = 7fadf9e2f5fe7ad42e14f9cf9ef92e92a3a40787 SHA1 (patch-ah) = 0648597f53bef7832af589378104a4d43290714a SHA1 (patch-al) = 4bd68f7995f5b76c3d62f370f31568930055c76f SHA1 (patch-am) = 5e287cddd574e86e1ef07e6e862e72aacaa70b93 SHA1 (patch-an) = f1179125d2042e44b864488864144cae057171cb SHA1 (patch-ao) = ad4377682b01a4965c84ac46e398ec5e841ee0f5 SHA1 (patch-au) = 98c925a32b2067055d9082a24b8a8b8b1069eb90 SHA1 (patch-av) = 3cd52c97afe7b3331559e75b1d69c886014c1d8e SHA1 (patch-aw) = ff445b01cd4979d26baf27aabb291a803c4a2ec2 SHA1 (patch-ax) = 63948a78cbd4dd5438cd0fc1ce8a23e6ec13626c SHA1 (patch-az) = e373cb7e80650b3cc9f491864ab2c2ddfd4c8395 SHA1 (patch-pyconfig.h.in) = 11aae6980d82ec577088dc4e13f5e3b5180360e6 SHA1 (patch-xa) = e996624c1d4aa978f853dab31a096b8587fed7a2 @ 1.48 log @Update to 2.7.9 removing patches that were incorporated. Significant changes include: - The entirety of Python 3.4's ssl module has been backported for Python 2.7.9. See PEP 466 for justification. - HTTPS certificate validation using the system's certificate store is now enabled by default. See PEP 476 for details. - SSLv3 has been disabled by default in httplib and its reverse dependencies due to the POODLE attack. - The ensurepip module module has been backported, which provides the pip package manager in every Python 2.7 installation. See PEP 477. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.47 2014/11/02 13:31:11 spz Exp $ d9 1 d11 1 @ 1.47 log @add the patches for Python issue 22518, also known as 22470, from the python source repository. Refresh patches @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.46 2014/07/26 06:19:38 adam Exp $ d3 3 a5 4 SHA1 (Python-2.7.8.tar.xz) = 9c6281eeace0c3646fa556c8087bb1b7e033c9c4 RMD160 (Python-2.7.8.tar.xz) = 04d7d55ea65074a9b419e5d0920414e54691d907 Size (Python-2.7.8.tar.xz) = 10525244 bytes SHA1 (patch-Include_node.h) = 673d148b625711ac47e4bfeb0f5b0d5b31f94d7e a9 6 SHA1 (patch-Lib_poplib.py) = 5d7f64b028abd2fd43651f27a7f2ce7efe5b0859 SHA1 (patch-Lib_smtplib.py) = f1118bbc53b4e292eb9a28ef3ef10eb4aa553bc3 SHA1 (patch-Lib_test_test__poplib.py) = 1bdef76b687d042272e35c08521d4244d2c7fbe1 SHA1 (patch-Lib_test_test_smtplib.py) = 9e8a7f826c7d0f493746718b49fc27ac97c2cbb1 SHA1 (patch-Misc_NEWS) = 262f9cb316d0f7ce1fb85296a07302f4cb2dd1a5 SHA1 (patch-Modules___ssl.c) = aaddaea5bcd6c84d3d896c7c37f710933b8228bc a14 2 SHA1 (patch-Objects_unicodeobject.c) = 7edf7d2b553569bc66c883b1fd516dceb13c8cde SHA1 (patch-Python_codecs.c) = fce9d5f2745773b76074a8ae7389aa88fbbe4f9e @ 1.46 log @Reverting some changes which made building on Darwin to fail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.45 2014/07/17 15:26:49 ryoon Exp $ d15 1 a15 1 SHA1 (patch-Misc_NEWS) = c9171e10227567750db8e11881aca305cd8c3a42 d18 1 a18 1 SHA1 (patch-Modules_getpath.c) = f68b38eb90f974b67ceab3922ce7f92eb77f25c3 d22 2 d25 4 a28 4 SHA1 (patch-ab) = 0d0ae9802dfe3b85659adb16793affd8c4ffce43 SHA1 (patch-ad) = de730b9f5a5efb56afa8bed05824b5f6579242ec SHA1 (patch-ae) = ff6d8c6164fe3c6dc4fb33d88eb8a49d5c5442f6 SHA1 (patch-ah) = ae3ce0656d890ca34292920bf0185f94ba847139 d30 10 a39 10 SHA1 (patch-am) = 366ce0b130cc9b6d6c5354769da05bb4b5845e01 SHA1 (patch-an) = 6098fbf0fc31422196cc40d3a227934523db11ca SHA1 (patch-ao) = 3a1cd2b255340fd23fc1fce8680e692581ffcec1 SHA1 (patch-au) = 2a2a988ac92553d17eb898870d1adb3c30a59b66 SHA1 (patch-av) = a14eaf4d5db6fc3b79ed896fbfcc34ca98051af2 SHA1 (patch-aw) = 15652e241f371a22c7300f46771825ea74514fa0 SHA1 (patch-ax) = be7498a37a89c86d278d07c38666237215308498 SHA1 (patch-az) = 56a3adedfc87cbbb0307ccb4b452665f79bde582 SHA1 (patch-pyconfig.h.in) = c4544178ecceffb6ed911df39d3a64bff665cb34 SHA1 (patch-xa) = 25f02b03f1c5534e1d839a5489d5a046071f32c0 @ 1.46.2.1 log @Pullup ticket #4536 - requested by spz lang/python27: security update Revisions pulled up: - lang/python27/Makefile 1.46 - lang/python27/distinfo 1.47 - lang/python27/patches/patch-Misc_NEWS 1.5 - lang/python27/patches/patch-Modules_getpath.c 1.2 - lang/python27/patches/patch-Objects_unicodeobject.c 1.1 - lang/python27/patches/patch-Python_codecs.c 1.1 - lang/python27/patches/patch-ab 1.3 - lang/python27/patches/patch-ad 1.2 - lang/python27/patches/patch-ae 1.2 - lang/python27/patches/patch-ah 1.3 - lang/python27/patches/patch-am 1.18 - lang/python27/patches/patch-an 1.2 - lang/python27/patches/patch-ao 1.5 - lang/python27/patches/patch-au 1.7 - lang/python27/patches/patch-av 1.2 - lang/python27/patches/patch-aw 1.2 - lang/python27/patches/patch-ax 1.5 - lang/python27/patches/patch-az 1.4 - lang/python27/patches/patch-pyconfig.h.in 1.3 - lang/python27/patches/patch-xa 1.2 --- Module Name: pkgsrc Committed By: spz Date: Sun Nov 2 13:31:11 UTC 2014 Modified Files: pkgsrc/lang/python27: Makefile distinfo pkgsrc/lang/python27/patches: patch-Misc_NEWS patch-Modules_getpath.c patch-ab patch-ad patch-ae patch-ah patch-am patch-an patch-ao patch-au patch-av patch-aw patch-ax patch-az patch-pyconfig.h.in patch-xa Added Files: pkgsrc/lang/python27/patches: patch-Objects_unicodeobject.c patch-Python_codecs.c Log Message: add the patches for Python issue 22518, also known as 22470, from the python source repository. Refresh patches @ text @d1 1 a1 1 $NetBSD$ d15 1 a15 1 SHA1 (patch-Misc_NEWS) = 262f9cb316d0f7ce1fb85296a07302f4cb2dd1a5 d18 1 a18 1 SHA1 (patch-Modules_getpath.c) = aa8a54717a85f831e3ceaad19d96c43bc38aef10 a21 2 SHA1 (patch-Objects_unicodeobject.c) = 7edf7d2b553569bc66c883b1fd516dceb13c8cde SHA1 (patch-Python_codecs.c) = fce9d5f2745773b76074a8ae7389aa88fbbe4f9e d23 4 a26 4 SHA1 (patch-ab) = 6a38874aaaccc878541554546835ccbf6136bbd5 SHA1 (patch-ad) = 061aefac15fe3834271770f0fd225e12f84d961a SHA1 (patch-ae) = 7fadf9e2f5fe7ad42e14f9cf9ef92e92a3a40787 SHA1 (patch-ah) = 0648597f53bef7832af589378104a4d43290714a d28 10 a37 10 SHA1 (patch-am) = 5e287cddd574e86e1ef07e6e862e72aacaa70b93 SHA1 (patch-an) = f1179125d2042e44b864488864144cae057171cb SHA1 (patch-ao) = ad4377682b01a4965c84ac46e398ec5e841ee0f5 SHA1 (patch-au) = 98c925a32b2067055d9082a24b8a8b8b1069eb90 SHA1 (patch-av) = 3cd52c97afe7b3331559e75b1d69c886014c1d8e SHA1 (patch-aw) = ff445b01cd4979d26baf27aabb291a803c4a2ec2 SHA1 (patch-ax) = 63948a78cbd4dd5438cd0fc1ce8a23e6ec13626c SHA1 (patch-az) = e373cb7e80650b3cc9f491864ab2c2ddfd4c8395 SHA1 (patch-pyconfig.h.in) = 11aae6980d82ec577088dc4e13f5e3b5180360e6 SHA1 (patch-xa) = e996624c1d4aa978f853dab31a096b8587fed7a2 @ 1.45 log @Fix SCO OpenServer 5.0.7/3.2 build. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.44 2014/07/02 09:53:16 adam Exp $ d27 1 a27 1 SHA1 (patch-al) = 43457e0749366e65bc139d0905ca95c6d6d79ecf @ 1.44 log @Changes 2.7.8: The openssl version bundled in the Windows installer has been updated. A regression in the mimetypes module on Windows has been fixed. A possible overflow in the buffer type has been fixed. A bug in the CGIHTTPServer module which allows arbitrary execution of code in the server root has been patched. A regression in the handling of UNC paths in os.path.join has been fixed @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.43 2014/07/02 08:22:02 he Exp $ d10 1 d17 1 d19 3 d27 1 a27 1 SHA1 (patch-al) = d07699c6987da69fca911a15ab8011a82e43143d @ 1.43 log @Apply a fix for directory-traversal vulnerability, ref. http://bugs.python.org/issue21766 Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.42 2014/06/11 05:55:58 richard Exp $ d3 3 a5 3 SHA1 (Python-2.7.7.tar.xz) = 5f82557cac5abf18d1df6f8bb2029aa335b321f4 RMD160 (Python-2.7.7.tar.xz) = 988da9490e8d66a2456accdce5dbe9ba875d5a18 Size (Python-2.7.7.tar.xz) = 10496500 bytes d8 1 a8 2 SHA1 (patch-Include_pyport.h) = 3f21c910cf7f002184d2b054a1a362e4a98a218f SHA1 (patch-Lib_CGIHTTPServer.py) = 533ab07f23b5bcbb13c9bc8e49b056f0a95768a4 a11 1 SHA1 (patch-Lib_test_test__httpservers.py) = b3c85c74bdd42b736882a92f807392abf3bb4fbd d22 1 a22 1 SHA1 (patch-al) = cd73fa968177a6e99737f2f6b095c1cb2da1b8b0 @ 1.42 log @avoid conflicting declaration of gethostname on SunOS @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.41 2014/06/09 17:58:31 he Exp $ d9 1 d13 1 d16 1 a16 1 SHA1 (patch-Misc_NEWS) = 773d71d171a4d4e915297f723a37f5c5e5ef2bd4 @ 1.42.2.1 log @Pullup ticket #4441 - requested by he lang/python27: security patch Revisions pulled up: - lang/python27/distinfo 1.43 - lang/python27/patches/patch-Lib_CGIHTTPServer.py 1.1 - lang/python27/patches/patch-Lib_test_test__httpservers.py 1.1 - lang/python27/patches/patch-Misc_NEWS 1.4 --- Module Name: pkgsrc Committed By: he Date: Wed Jul 2 08:22:02 UTC 2014 Modified Files: pkgsrc/lang/python27: distinfo pkgsrc/lang/python27/patches: patch-Misc_NEWS Added Files: pkgsrc/lang/python27/patches: patch-Lib_CGIHTTPServer.py patch-Lib_test_test__httpservers.py Log Message: Apply a fix for directory-traversal vulnerability, ref. http://bugs.python.org/issue21766 Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ a8 1 SHA1 (patch-Lib_CGIHTTPServer.py) = 533ab07f23b5bcbb13c9bc8e49b056f0a95768a4 a11 1 SHA1 (patch-Lib_test_test__httpservers.py) = b3c85c74bdd42b736882a92f807392abf3bb4fbd d14 1 a14 1 SHA1 (patch-Misc_NEWS) = c9171e10227567750db8e11881aca305cd8c3a42 @ 1.41 log @Add patches to fix the remaining two functions reported as being vulnerable to CVE-2013-1752, following the general theme of overflow of line lengths. This fixes the smtp and pop functions. Taken / adapted from http://bugs.python.org/issue16041 and http://bugs.python.org/issue16042. PKGREVISION bumped. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.40 2014/06/02 06:12:03 adam Exp $ d8 1 @ 1.40 log @Changes 2.7.7: This is a regularly scheduled 2.7 series bugfix and includes numerous bugfixes (http://hg.python.org/cpython/raw-file/f89216059edf/Misc/NEWS) over 2.7.6. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.39 2014/05/21 00:31:07 obache Exp $ d9 5 @ 1.39 log @search openssl header file from prefered ssl_incs over system inc_dirs. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.38 2014/05/20 16:48:00 adam Exp $ d3 3 a5 3 SHA1 (Python-2.7.6.tar.xz) = 8321636af2acbeaa68fc635d7dda7369ed446a80 RMD160 (Python-2.7.6.tar.xz) = 8efc73a01a466d8fa16c5c1734c89be79c2c538a Size (Python-2.7.6.tar.xz) = 10431288 bytes a10 2 SHA1 (patch-Modules_readline.c) = 0afcbd1c8bdf3648177bed760e6cccf54c857451 SHA1 (patch-Modules_socketmodule.c) = a8a4da9381a9485f7e999ae7db4aa715adfacfa5 d16 1 a16 1 SHA1 (patch-al) = dd8bed847f797b97df1a9ad7ffe17645b0f08925 @ 1.38 log @Fix detecting OpenSSL, in particular on OS X. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.37 2014/05/10 08:38:04 obache Exp $ d19 1 a19 1 SHA1 (patch-am) = 4a1fb4f30d27463587901f5cf40adfc7b9c5904a @ 1.37 log @SA56624 is CVE-2014-1912. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.36 2014/04/13 15:06:20 bsiegert Exp $ d19 1 a19 1 SHA1 (patch-am) = 801c8fbe14be2138ef45f2d80646d8be6d4ea25a @ 1.36 log @Reapply reverted commit from obache@@. Original description: Prevent to detect unwanted builtin openssl. After bump of BUILDLINK_API_DEPENDS.openssl to 1.0.1c, buitin openssl is not acceptable for various platforms. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.33 2014/03/27 05:22:33 obache Exp $ d12 1 a12 1 SHA1 (patch-Modules_socketmodule.c) = 07c76dcf6dc8605446bc8e01d80e1f1e30a5ebf7 @ 1.35 log @Update readline-6.3 patch from upstream, for builtin GNU readline<4.2. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.34 2014/03/27 05:36:37 obache Exp $ d19 1 a19 1 SHA1 (patch-am) = e5d78bfd5b9e6339985ed4cb587897042b6b8590 @ 1.35.2.1 log @Pullup ticket #4369 - requested by bsiegert lang/python26: build fix Revisions pulled up: - lang/python26/Makefile 1.63 - lang/python26/distinfo 1.58 - lang/python26/patches/patch-am 1.23 - lang/python27/Makefile 1.40 - lang/python27/distinfo 1.36 - lang/python27/patches/patch-am 1.15 --- Module Name: pkgsrc Committed By: bsiegert Date: Sun Apr 13 14:56:56 UTC 2014 Modified Files: pkgsrc/lang/python26: Makefile distinfo pkgsrc/lang/python26/patches: patch-am Log Message: Redo reverted commit from obache@@. Original description: Prevent to detect unwanted builtin openssl. After bump of BUILDLINK_API_DEPENDS.openssl to 1.0.1c, buitin openssl is not acceptable for various platforms. --- Module Name: pkgsrc Committed By: bsiegert Date: Sun Apr 13 15:06:20 UTC 2014 Modified Files: pkgsrc/lang/python27: Makefile distinfo pkgsrc/lang/python27/patches: patch-am Log Message: Reapply reverted commit from obache@@. Original description: Prevent to detect unwanted builtin openssl. After bump of BUILDLINK_API_DEPENDS.openssl to 1.0.1c, buitin openssl is not acceptable for various platforms. @ text @d1 1 a1 1 $NetBSD$ d19 1 a19 1 SHA1 (patch-am) = 801c8fbe14be2138ef45f2d80646d8be6d4ea25a @ 1.34 log @revert last commit, should not be committed during freeze. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.32 2014/03/15 05:38:14 dholland Exp $ d11 1 a11 1 SHA1 (patch-Modules_readline.c) = 8619f31249c3d7fc8fcb5f90c0fe30a80d16a490 @ 1.33 log @Prevent to detect unwanted builtin openssl. After bump of BUILDLINK_API_DEPENDS.openssl to 1.0.1c, buitin openssl is not acceptable for various platforms. @ text @d19 1 a19 1 SHA1 (patch-am) = 801c8fbe14be2138ef45f2d80646d8be6d4ea25a @ 1.32 log @Fix py-readline build with readline 6.3. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.31 2014/03/12 12:40:57 obache Exp $ d19 1 a19 1 SHA1 (patch-am) = e5d78bfd5b9e6339985ed4cb587897042b6b8590 @ 1.31 log @For smtpd.py, only rename with ${PYVERSUFFIX} to be installed as a tool, or rename of module name affect to other parts using this module. Noticed by Benjamin Lorenz in tech-pkg@@. Additionally, set ALTERNATIVE for bin/smtpd.py. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.30 2014/02/09 09:02:50 tron Exp $ d11 1 @ 1.30 log @Add fix for security vulnerability reported in SA56624. Patch taken from Python Mercurial repository. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2013/12/14 18:59:55 bsiegert Exp $ d18 1 a18 1 SHA1 (patch-am) = 80718042f67a22489b1ae0806e71f28c1515c28e @ 1.29 log @The nullbytecert.pem is actually part of Python 2.7.6 so trying to patch it into existence fails on MirBSD. Remove the patch, which is no longer needed. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28 2013/11/12 18:57:25 adam Exp $ d11 1 @ 1.29.2.1 log @Pullup ticket #4319 - requested by tron lang/python27: security fix Revisions pulled up: - lang/python27/Makefile 1.34 - lang/python27/distinfo 1.30 - lang/python27/patches/patch-Modules_socketmodule.c 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sun Feb 9 09:02:50 UTC 2014 Modified Files: pkgsrc/lang/python27: Makefile distinfo Added Files: pkgsrc/lang/python27/patches: patch-Modules_socketmodule.c Log Message: Add fix for security vulnerability reported in SA56624. Patch taken from Python Mercurial repository. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 pkgsrc/lang/python27/Makefile cvs rdiff -u -r1.29 -r1.30 pkgsrc/lang/python27/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/lang/python27/patches/patch-Modules_socketmodule.c @ text @d1 1 a1 1 $NetBSD$ a10 1 SHA1 (patch-Modules_socketmodule.c) = 07c76dcf6dc8605446bc8e01d80e1f1e30a5ebf7 @ 1.28 log @Changes 2.7.6: This is a 2.7 series bugfix release. Most importantly, it resolves an issue that caused the interactive prompt to crash on OS X 10.9. It also includes numerous bugfixes over 2.7.5. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2013/09/13 13:18:20 adam Exp $ a8 1 SHA1 (patch-Lib_test_nullbytecert.pem) = 22f866c0e00016a0931985f672513c0d533d9db5 @ 1.27 log @don't set Mac OS X target version: stick to the current one @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2013/09/10 14:22:30 joerg Exp $ d3 3 a5 3 SHA1 (Python-2.7.5.tar.xz) = b7389791f789625c2ba9d897aa324008ff482daf RMD160 (Python-2.7.5.tar.xz) = baa7ad7d82cb4dc0a70b6a7aded43b7b78b0067e Size (Python-2.7.5.tar.xz) = 10252148 bytes d10 1 a10 3 SHA1 (patch-Lib_test_test__ssl.py) = 30622803b45db6c081f8a507139ad0ad56b1ba43 SHA1 (patch-Misc_NEWS) = a7871e744f509aca0e3eac7bc3c71d742621ca20 SHA1 (patch-Modules___ssl.c) = d66e56a1a88d885564cbbce7afef55467f80d19a d18 1 a18 1 SHA1 (patch-am) = c07ae10d62d3b071c180ea138b225d9d1586abb3 @ 1.26 log @Always pass rpath argument with -Wl prefix, especially if clang is not called gcc. Bump revision. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2013/08/18 13:42:14 spz Exp $ d19 1 a19 1 SHA1 (patch-al) = bb492863afae88d1627b3caba13b73759adb2d15 @ 1.25 log @patch for CVE-2013-4238 taken from http://hg.python.org/cpython/rev/bd2360476bdb @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2013/05/27 16:24:00 adam Exp $ d8 1 a8 1 SHA1 (patch-Lib_distutils_unixccompiler.py) = 3964e0c6bd2b3899b24b31892d5ad830ae04d308 @ 1.24 log @This is a 2.7 series bugfix release. It contains several regression fixes to 2.7.4. Modules with regressions fixed include zipfile, gzip, and logging. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.23 2013/04/17 13:21:05 obache Exp $ d9 4 a12 1 SHA1 (patch-Modules___ssl.c) = a635ffc52becf2f78c4f1ebae17587cfdf3dffc6 @ 1.24.2.1 log @Pullup ticket #4213 - requested by spz lang/python27: security patch Revisions pulled up: - lang/python27/Makefile 1.27 - lang/python27/PLIST.common 1.6 - lang/python27/distinfo 1.25 - lang/python27/patches/patch-Lib_test_nullbytecert.pem 1.1 - lang/python27/patches/patch-Lib_test_test__ssl.py 1.1 - lang/python27/patches/patch-Misc_NEWS 1.1 - lang/python27/patches/patch-Modules___ssl.c 1.2 --- Module Name: pkgsrc Committed By: spz Date: Sun Aug 18 13:42:14 UTC 2013 Modified Files: pkgsrc/lang/python27: Makefile PLIST.common distinfo pkgsrc/lang/python27/patches: patch-Modules___ssl.c Added Files: pkgsrc/lang/python27/patches: patch-Lib_test_nullbytecert.pem patch-Lib_test_test__ssl.py patch-Misc_NEWS Log Message: patch for CVE-2013-4238 taken from http://hg.python.org/cpython/rev/bd2360476bdb @ text @d1 1 a1 1 $NetBSD$ d9 1 a9 4 SHA1 (patch-Lib_test_nullbytecert.pem) = 22f866c0e00016a0931985f672513c0d533d9db5 SHA1 (patch-Lib_test_test__ssl.py) = 30622803b45db6c081f8a507139ad0ad56b1ba43 SHA1 (patch-Misc_NEWS) = a7871e744f509aca0e3eac7bc3c71d742621ca20 SHA1 (patch-Modules___ssl.c) = d66e56a1a88d885564cbbce7afef55467f80d19a @ 1.23 log @Improve Cygwin support. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2013/04/12 09:03:41 adam Exp $ d3 3 a5 3 SHA1 (Python-2.7.4.tar.xz) = 08e78ebeb6d9c799644f6d787ca424291c0fe03e RMD160 (Python-2.7.4.tar.xz) = 9d1a6db9a5373599afd509e1abb675a3dc5bdf58 Size (Python-2.7.4.tar.xz) = 10250644 bytes d17 1 a17 1 SHA1 (patch-am) = 4deb1a07b3b7ff97a3a9ee468f066bd4143879cb @ 1.22 log @Changes 2.7.4: This is a 2.7 series bugfix release. It includes hundreds of bugfixes over 2.7.3. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2012/12/21 20:26:42 dholland Exp $ d6 5 d17 1 a17 1 SHA1 (patch-am) = d1950d0b85e16d60b6a60e823884427e6e8d0984 @ 1.21 log @Revert previous; Joerg says it breaks on clang. (It would be nice if clang didn't masquerade as gcc and then turn out to be incompatible.) Reopens PR 47342, but I'll deal. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2012/12/16 23:22:28 dholland Exp $ d3 3 a5 6 SHA1 (Python-2.7.3.tar.bz2) = 842c4e2aff3f016feea3c6e992c7fa96e49c9aa0 RMD160 (Python-2.7.3.tar.bz2) = bfc511d54080898d7008d4b84d49f957859d66c3 Size (Python-2.7.3.tar.bz2) = 11793433 bytes SHA1 (patch-Mac_Modules_fm___Fmmodule.c) = b9314bccb51b4fe672b81559068f7a79d2965f94 SHA1 (patch-Mac_Modules_qd___Qdmodule.c) = 45c748b15b9436d45ba137460389638aa7108c8d SHA1 (patch-Mac_Modules_qdoffs___Qdoffsmodule.c) = 9994f0c1a908f18f1f3df3f05b184f082c018365 d10 3 a12 3 SHA1 (patch-ah) = 8e9ee44c7a054f1387b6d8ef8dbe9c1b8dc8d891 SHA1 (patch-al) = e28c7b31560523528a824241e6782b7561223aa7 SHA1 (patch-am) = f56a53eb9f4694913d317c09e162bdd413f8f38f d14 2 a15 2 SHA1 (patch-ao) = e14c3ddb136611835905fbe13c0b7ea2df8b6709 SHA1 (patch-au) = 51b263d908db13c639fb275a5e58abe83f4d7324 d18 3 a20 3 SHA1 (patch-ax) = 962fc8059867f55aaba2d32a53f25f4007658e0d SHA1 (patch-az) = 303f7b95494780b8fa54192663f0a192e3d46b59 SHA1 (patch-pyconfig.h.in) = 7ebc0ed9ca9a37c5a6c8e04cc3f7fca4a5c90e8c @ 1.20 log @Use -Werror=format when checking HAVE_ATTRIBUTE_FORMAT_PARSETUPLE, so injecting -Wall -Wno-error does not cause the test to produce the wrong answer. (If it does, the wrong information is installed in /usr/include, and ultimately provokes PR 47342.) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2012/08/14 18:19:01 drochner Exp $ d14 1 a14 1 SHA1 (patch-al) = f64f58c93c8cfb9ee3f4f7b726527e5c95441f9f @ 1.19 log @avoid POSIX semaphores on NetBSD -- at least on -current they cause serious misbehavior (access to closed file descriptors, fd leaks) which makes eg xentools completely unusable bump PKGREV @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2012/04/13 18:47:27 adam Exp $ d14 1 a14 1 SHA1 (patch-al) = 9c6d0837e5c5b4e79285ed83966e6bab9d22d6f8 @ 1.18 log @Changes 2.7.3: * An ordered dictionary type * New unittest features including test skipping, new assert methods, and test discovery * A much faster io module * Automatic numbering of fields in the str.format() method * Float repr improvements backported from 3.x * Tile support for Tkinter * A backport of the memoryview object from 3.x * Set literals * Set and dictionary comprehensions * Dictionary views * New syntax for nested with statements * The sysconfig module @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2012/03/27 10:49:22 obache Exp $ d24 1 @ 1.17 log @Fix build on OpenBSD-5.x, treat same as OpenBSD-4.[789]. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2012/03/24 12:04:36 tron Exp $ d3 3 a5 30 SHA1 (Python-2.7.2.tar.bz2) = 417bdeea77abfaf1b9257fc6b4a04aaa209f4547 RMD160 (Python-2.7.2.tar.bz2) = c3bf4f09b7c429a4d9f4cc251c795304cd5232c5 Size (Python-2.7.2.tar.bz2) = 11754834 bytes SHA1 (patch-CVE-2012-0845) = 1c0a8d7224b6b5cb65b24d38ac0967f8f8fb2da9 SHA1 (patch-CVE-2012-1150-Doc_library_sys.rst) = 8580d187abaed9dce948988e50749be7527ee0f8 SHA1 (patch-CVE-2012-1150-Doc_reference_datamodel.rst) = f145207d4cc32643e78fcac9d204089406dc96fe SHA1 (patch-CVE-2012-1150-Doc_using_cmdline.rst) = fadd6f4822219adccd2268fd1fd0bf2bc330c994 SHA1 (patch-CVE-2012-1150-Include_object.h) = 18559b16c80e08b8df62bb5c06a34c92105e56d9 SHA1 (patch-CVE-2012-1150-Include_pydebug.h) = f71040bfbf930384c1fd4f3258c89e86259e7a52 SHA1 (patch-CVE-2012-1150-Include_pythonrun.h) = cd8b8dfd673a81b231f1a35074ec73aba3c999ce SHA1 (patch-CVE-2012-1150-Lib_os.py) = b7217bb7c7a3aeb974e65754f4314e76d65e0e12 SHA1 (patch-CVE-2012-1150-Lib_test_test_cmd_line.py) = e55f48b43a4d41d05e2aa2b40f1a4f43d0d99eb9 SHA1 (patch-CVE-2012-1150-Lib_test_test_compiler.py) = 27186659371dacee553a2fc9065db639f3336425 SHA1 (patch-CVE-2012-1150-Lib_test_test_hash.py) = 8107307dc1bd6516280c464e631cf811e0cd59b4 SHA1 (patch-CVE-2012-1150-Lib_test_test_os.py) = c3724a7346e3fc8d3003bd26a0556668b0896f5c SHA1 (patch-CVE-2012-1150-Lib_test_test_set.py) = a19cfff0a38411a19aadc4294b6f24deabaa4aab SHA1 (patch-CVE-2012-1150-Lib_test_test_support.py) = f635d3135f9a3e3387f6a2e6e00b054969f78d3c SHA1 (patch-CVE-2012-1150-Lib_test_test_sys.py) = 887f1f50b5e6102e334a73a451211addb9d4263a SHA1 (patch-CVE-2012-1150-Misc_NEWS) = 807b7bb73542861262890ea0a57dd13e193042ab SHA1 (patch-CVE-2012-1150-Misc_python.man) = d89d9258a4dad8de5a22e8625df03d6da34ea92c SHA1 (patch-CVE-2012-1150-Modules_main.c) = b79a20d671062039ba580921cfa1f06634cca135 SHA1 (patch-CVE-2012-1150-Modules_posixmodule.c) = 1a252303f6adc29150e0a109f78ceb1a54bbc28d SHA1 (patch-CVE-2012-1150-Objects_bufferobject.c) = 383878c6b8767b3cce7a9b83890f8f79d1deac94 SHA1 (patch-CVE-2012-1150-Objects_object.c) = bd134011028c0c73d95007878ad16499a3125a98 SHA1 (patch-CVE-2012-1150-Objects_stringobject.c) = 6efc29891d04fd0112d88ce2898ef2bdd5f47718 SHA1 (patch-CVE-2012-1150-Objects_unicodeobject.c) = 499b80ed541b49dfb3fbf49c2a18b30f89703f2c SHA1 (patch-CVE-2012-1150-PCbuild_pythoncore.vcproj) = 17277d7d82a10cd32c9cb35510a8c76f620536ed SHA1 (patch-CVE-2012-1150-Python_pythonrun.c) = 8ae9796a18145d3d6261aad1390ede9ab4c6d6c9 SHA1 (patch-CVE-2012-1150-Python_random.c) = 71c4bcc6e781240ad91b1679c9790e77b770eeb9 SHA1 (patch-CVE-2012-1150-Python_sysmodule.c) = cb14822430f9dcbaf34c10b211065cb9f244d963 d10 1 a10 1 SHA1 (patch-ab) = 8c44f60d9ed0babb107bc4643b0437e2dd55d03a d14 1 a14 1 SHA1 (patch-al) = 2e72dcb429a368a0241ecb188dc01d68e2d9e530 d17 2 a18 2 SHA1 (patch-ao) = 9996a444fc0034c9f01fd18f4ad7bf714a8c8d04 SHA1 (patch-au) = 15b30cb5c77d2916538a390d9a08c0675ac01970 d21 2 a22 2 SHA1 (patch-ax) = bdb8e6555f36b1603c553e03a2d6d772e50c623b SHA1 (patch-az) = 473419352f6e1ff3c6e6268e81457e6f8a1fccb8 @ 1.16 log @Add a fix for the DoS vulnerability reported in CVE-2012-1150 taken from the Python Mercurial repository. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2012/02/15 16:08:26 drochner Exp $ d41 1 a41 1 SHA1 (patch-al) = b97c2e73b9038e22f55ec226c2cbcc671466ad19 @ 1.15 log @apply fix for CVE-2012-0845 to other Python versions too (2.4 is not affected) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2011/12/16 17:04:18 hans Exp $ d7 26 d45 1 a45 1 SHA1 (patch-au) = 18fce68df48e43c2927cc83e6b4b404b5e1103b7 @ 1.14 log @On SunOS, don't ever override _XOPEN_SOURCE if it is already set. Fixes build on SunOS with gcc>=4.6. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2011/11/08 07:30:08 sbd Exp $ d6 1 @ 1.14.2.1 log @Pullup ticket #3685 - requested by drochner lang/python25: security patch lang/python26: security patch lang/python27: security patch lang/python31: security patch Revisions pulled up: - lang/python25/Makefile 1.37 via patch - lang/python25/distinfo 1.22 - lang/python25/patches/patch-CVE-2012-0845 1.1 - lang/python26/Makefile 1.45 via patch - lang/python26/distinfo 1.43 - lang/python26/patches/patch-CVE-2012-0845 1.1 - lang/python27/Makefile 1.11 via patch - lang/python27/distinfo 1.15 - lang/python27/patches/patch-CVE-2012-0845 1.1 - lang/python31/Makefile 1.6 via patch - lang/python31/distinfo 1.8 - lang/python31/patches/patch-CVE-2012-0845 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Wed Feb 15 12:21:41 UTC 2012 Modified Files: pkgsrc/lang/python26: Makefile distinfo Added Files: pkgsrc/lang/python26/patches: patch-CVE-2012-0845 Log Message: add patch from Python issue#14001 to fix xmlrpc server endless loop by malformed request bump PKGREV --- Module Name: pkgsrc Committed By: drochner Date: Wed Feb 15 16:08:26 UTC 2012 Modified Files: pkgsrc/lang/python25: Makefile distinfo pkgsrc/lang/python27: Makefile distinfo pkgsrc/lang/python31: Makefile distinfo Added Files: pkgsrc/lang/python25/patches: patch-CVE-2012-0845 pkgsrc/lang/python27/patches: patch-CVE-2012-0845 pkgsrc/lang/python31/patches: patch-CVE-2012-0845 Log Message: apply fix for CVE-2012-0845 to other Python versions too (2.4 is not affected) @ text @d1 1 a1 1 $NetBSD$ a5 1 SHA1 (patch-CVE-2012-0845) = 1c0a8d7224b6b5cb65b24d38ac0967f8f8fb2da9 @ 1.13 log @Change a unused variable referacne to a fixed string that I missed when coping the Mac OS X sdk filename handling. Thank to Matthias Rampke in PR#45581 for catching this. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2011/10/31 06:49:58 sbd Exp $ d23 1 @ 1.12 log @Add a minor cleanup to my last commit. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2011/10/31 04:17:24 sbd Exp $ d15 1 a15 1 SHA1 (patch-am) = 7cb89371d4afb32e9263aacee81c3a0ff7fef228 @ 1.11 log @Improve the gdbm_compat handling by searching any ndbm.h found for the string 'This file is part of GDBM' and ignoring it if it dose. Thanks to obache@@ for the idea. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2011/10/18 21:59:18 sbd Exp $ d15 1 a15 1 SHA1 (patch-am) = 7154c710bb42b9e0f4c65cefd80285d4f26ce873 @ 1.10 log @Deal with the fact that if /usr/include/ndbm.h exists on Linux it probably belongs to gdbm_compat. I.E. _don't_ use ndbm on Linux. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2011/09/30 08:37:24 yyamano Exp $ d15 1 a15 1 SHA1 (patch-am) = 593f14d9f4ad9f46c57cc43a2a6402ffb9312437 @ 1.9 log @Make this build on Mac OS X Lion. Same issue as pkg/45389. It is not a leaf package, but the changes affect Mac OS X only. Test builds on 10.5/i386, 10.7/i386 and 10.7/x86_64 (thanks ryoon@@). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2011/09/16 19:17:52 bsiegert Exp $ d15 1 a15 1 SHA1 (patch-am) = 8b546a0eb9b5e6d287b6fead2d0c20fd457b5b66 @ 1.9.2.1 log @Pullup ticket #3572 - requested by sbd lang/python24: build fix lang/python25: build fix lang/python26: build fix lang/python27: build fix lang/python31: build fix security/cyrus-sasl: build fix Revisions pulled up: - lang/python24/distinfo 1.36 - lang/python24/patches/patch-am 1.7 - lang/python25/distinfo 1.18 - lang/python25/patches/patch-am 1.8 - lang/python26/distinfo 1.39 - lang/python26/patches/patch-am 1.17 - lang/python27/distinfo 1.10 - lang/python27/patches/patch-am 1.4 - lang/python31/distinfo 1.4 - lang/python31/patches/patch-am 1.3 - security/cyrus-sasl/Makefile 1.58 --- Module Name: pkgsrc Committed By: sbd Date: Tue Oct 18 21:59:19 UTC 2011 Modified Files: pkgsrc/lang/python24: distinfo pkgsrc/lang/python24/patches: patch-am pkgsrc/lang/python25: distinfo pkgsrc/lang/python25/patches: patch-am pkgsrc/lang/python26: distinfo pkgsrc/lang/python26/patches: patch-am pkgsrc/lang/python27: distinfo pkgsrc/lang/python27/patches: patch-am pkgsrc/lang/python31: distinfo pkgsrc/lang/python31/patches: patch-am pkgsrc/security/cyrus-sasl: Makefile Log Message: Deal with the fact that if /usr/include/ndbm.h exists on Linux it probably belongs to gdbm_compat. I.E. _don't_ use ndbm on Linux. @ text @d1 1 a1 1 $NetBSD$ d15 1 a15 1 SHA1 (patch-am) = 593f14d9f4ad9f46c57cc43a2a6402ffb9312437 @ 1.8 log @Add MirBSD support here, too, same as in python26. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2011/09/16 08:50:44 adam Exp $ d6 3 @ 1.7 log @One again, fix for Clang and interger overflow, this time is should be correct @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2011/09/14 06:59:54 adam Exp $ d11 1 a11 1 SHA1 (patch-al) = 01cd5a1c29f03d6ad13bfb0584b95f85b4761dba d19 1 @ 1.6 log @Fix compiling with Clang: Python's issue 11149 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2011/06/13 11:31:13 obache Exp $ d11 1 a11 1 SHA1 (patch-al) = e67d7bac37d9e3199e1ca0735cf2cd73c51ebfd7 @ 1.5 log @Update python27 to 2.7.2. What's New in Python 2.7.2? =========================== *Release date: 2011-06-11* Library ------- - Issue #12009: Fixed regression in netrc file comment handling. Extension Modules ----------------- - Issue #1221: Make pyexpat.__version__ equal to the Python version. What's New in Python 2.7.2 release candidate 1? =============================================== *Release date: 2011-05-29* Core and Builtins ----------------- - Issue #9670: Increase the default stack size for secondary threads on Mac OS X and FreeBSD to reduce the chances of a crash instead of a "maximum recursion depth" RuntimeError exception. (patch by Ronald Oussoren) - Correct lookup of __dir__ on objects. This allows old-style classes to have __dir__. It also causes errors besides AttributeError found on lookup to be propagated. - Issue #1195: Fix input() if it is interrupted by CTRL+d and then CTRL+c, clear the end-of-file indicator after CTRL+d. - Issue #8651: PyArg_Parse*() functions raise an OverflowError if the file doesn't have PY_SSIZE_T_CLEAN define and the size doesn't fit in an int (length bigger than 2^31-1 bytes). - Issue #8651: Fix "z#" format of PyArg_Parse*() function: the size was not written if PY_SSIZE_T_CLEAN is defined. - Issue #9756: When calling a method descriptor or a slot wrapper descriptor, the check of the object type doesn't read the __class__ attribute anymore. Fix a crash if a class override its __class__ attribute (e.g. a proxy of the str type). Patch written by Andreas Stührk. - Issue #10517: After fork(), reinitialize the TLS used by the PyGILState_* APIs, to avoid a crash with the pthread implementation in RHEL 5. Patch by Charles-François Natali. - Issue #6780: fix starts/endswith error message to mention that tuples are accepted too. - Issue #5057: fix a bug in the peepholer that led to non-portable pyc files between narrow and wide builds while optimizing BINARY_SUBSCR on non-BMP chars (e.g. u"\U00012345"[0]). - Issue #11650: PyOS_StdioReadline() retries fgets() if it was interrupted (EINTR), for example if the program is stopped with CTRL+z on Mac OS X. Patch written by Charles-Francois Natali. - Issue #11144: Ensure that int(a_float) returns an int whenever possible. Previously, there were some corner cases where a long was returned even though the result was within the range of an int. - Issue #11450: Don't truncate hg version info in Py_GetBuildInfo() when there are many tags (e.g. when using mq). Patch by Nadeem Vawda. - Issue #10451: memoryview objects could allow to mutate a readable buffer. Initial patch by Ross Lagerwall. - Issue #10892: Don't segfault when trying to delete __abstractmethods__ from a class. - Issue #8020: Avoid a crash where the small objects allocator would read non-Python managed memory while it is being modified by another thread. Patch by Matt Bandy. - Issue #11004: Repaired edge case in deque.count(). - Issue #8278: On Windows and with a NTFS filesystem, os.stat() and os.utime() can now handle dates after 2038. - Issue #4236: Py_InitModule4 now checks the import machinery directly rather than the Py_IsInitialized flag, avoiding a Fatal Python error in certain circumstances when an import is done in __del__. - issue #11828: startswith and endswith don't accept None as slice index. Patch by Torsten Becker. - Issue #10674: Remove unused 'dictmaker' rule from grammar. - Issue #10596: Fix float.__mod__ to have the same behaviour as float.__divmod__ with respect to signed zeros. -4.0 % 4.0 should be 0.0, not -0.0. - Issue #11386: bytearray.pop() now throws IndexError when the bytearray is empty, instead of OverflowError. Library ------- - Issue #12161: Cause StringIO.getvalue() to raise a ValueError when used on a closed StringIO instance. - Issue #12182: Fix pydoc.HTMLDoc.multicolumn() if Python uses the new (true) division (python -Qnew). Patch written by Ralf W. Grosse-Kunstleve. - Issue #12175: RawIOBase.readall() now returns None if read() returns None. - Issue #12175: FileIO.readall() now raises a ValueError instead of an IOError if the file is closed. - Issue #1441530: In imaplib, use makefile() to wrap the SSL socket to avoid heap fragmentation and MemoryError with some malloc implementations. - Issue #12100: Don't reset incremental encoders of CJK codecs at each call to their encode() method anymore, but continue to call the reset() method if the final argument is True. - Issue #12124: zipimport doesn't keep a reference to zlib.decompress() anymore to be able to unload the module. - Issue #11088: don't crash when using F5 to run a script in IDLE on MacOSX with Tk 8.5. - Issue #10154, #10090: change the normalization of UTF-8 to "UTF-8" instead of "UTF8" in the locale module as the latter is not supported MacOSX and OpenBSD. - Issue #9516: avoid errors in sysconfig when MACOSX_DEPLOYMENT_TARGET is set in shell. - Issue #12050: zlib.decompressobj().decompress() now clears the unconsumed_tail attribute when called without a max_length argument. - Issue #12062: In the `io` module, fix a flushing bug when doing a certain type of I/O sequence on a file opened in read+write mode (namely: reading, seeking a bit forward, writing, then seeking before the previous write but still within buffered data, and writing again). - Issue #8498: In socket.accept(), allow to specify 0 as a backlog value in order to accept exactly one connection. Patch by Daniel Evers. - Issue #12012: ssl.PROTOCOL_SSLv2 becomes optional. - Issue #11164: Remove obsolete allnodes test from minidom test. - Issue #11927: SMTP_SSL now uses port 465 by default as documented. Patch by Kasun Herath. - Issue 11999: fixed sporadic sync failure mailbox.Maildir due to its trying to detect mtime changes by comparing to the system clock instead of to the previous value of the mtime. - Issue #10684: shutil.move used to delete a folder on case insensitive filesystems when the source and destination name where the same except for the case. - Issue #11982: fix json.loads('""') to return u'' rather than ''. - Issue #11277: mmap.mmap() calls fcntl(fd, F_FULLFSYNC) on Mac OS X to get around a mmap bug with sparse files. Patch written by Steffen Daode Nurpmeso. - Issue #10761: Fix tarfile.extractall failure when symlinked files are present. Initial patch by Scott Leerssen. - Issue #11763: don't use difflib in TestCase.assertMultiLineEqual if the strings are too long. - Issue #11236: getpass.getpass responds to ctrl-c or ctrl-z on terminal. - Issue #11768: The signal handler of the signal module only calls Py_AddPendingCall() for the first signal to fix a deadlock on reentrant or parallel calls. PyErr_SetInterrupt() writes also into the wake up file. - Issue #11875: collections.OrderedDict's __reduce__ was temporarily mutating the object instead of just working on a copy. - Issue #11442: Add a charset parameter to the Content-type in SimpleHTTPServer to avoid XSS attacks. - Issue #11467: Fix urlparse behavior when handling urls which contains scheme specific part only digits. Patch by Santoso Wijaya. - collections.Counter().copy() now works correctly for subclasses. - Issue #11474: Fix the bug with url2pathname() handling of '/C|/' on Windows. Patch by Santoso Wijaya. - Issue #9233: Fix json.loads('{}') to return a dict (instead of a list), when _json is not available. - Issue #11703: urllib2.geturl() does not return correct url when the original url contains #fragment. - Issue #10019: Fixed regression in json module where an indent of 0 stopped adding newlines and acted instead like 'None'. - Issue #5162: Treat services like frozen executables to allow child spawning from multiprocessing.forking on Windows. - Issue #4877: Fix a segfault in xml.parsers.expat while attempting to parse a closed file. - Issue #11830: Remove unnecessary introspection code in the decimal module. It was causing a failed import in the Turkish locale where the locale sensitive str.upper() method caused a name mismatch. - Issue #8428: Fix a race condition in multiprocessing.Pool when terminating worker processes: new processes would be spawned while the pool is being shut down. Patch by Charles-François Natali. - Issue #7311: Fix HTMLParser to accept non-ASCII attribute values. - Issue #10963: Ensure that subprocess.communicate() never raises EPIPE. - Issue #11662: Make urllib and urllib2 ignore redirections if the scheme is not HTTP, HTTPS or FTP (CVE-2011-1521). - Issue #11256: Fix inspect.getcallargs on functions that take only keyword arguments. - Issue #11696: Fix ID generation in msilib. - Issue #9696: Fix exception incorrectly raised by xdrlib.Packer.pack_int when trying to pack a negative (in-range) integer. - Issue #11675: multiprocessing.[Raw]Array objects created from an integer size are now zeroed on creation. This matches the behaviour specified by the documentation. - Issue #7639: Fix short file name generation in bdist_msi. - Issue #11666: let help() display named tuple attributes and methods that start with a leading underscore. - Issue #11673: Fix multiprocessing Array and RawArray constructors to accept a size of type 'long', rather than only accepting 'int'. - Issue #10042: Fixed the total_ordering decorator to handle cross-type comparisons that could lead to infinite recursion. - Issue #10979: unittest stdout buffering now works with class and module setup and teardown. - Issue #11569: use absolute path to the sysctl command in multiprocessing to ensure that it will be found regardless of the shell PATH. This ensures that multiprocessing.cpu_count works on default installs of MacOSX. - Issue #11500: Fixed a bug in the os x proxy bypass code for fully qualified IP addresses in the proxy exception list. - Issue #11131: Fix sign of zero in plus and minus operations when the context rounding mode is ROUND_FLOOR. - Issue #5622: Fix curses.wrapper to raise correct exception if curses initialization fails. - Issue #11391: Writing to a mmap object created with ``mmap.PROT_READ|mmap.PROT_EXEC`` would segfault instead of raising a TypeError. Patch by Charles-François Natali. - Issue #11306: mailbox in certain cases adapts to an inability to open certain files in read-write mode. Previously it detected this by checking for EACCES, now it also checks for EROFS. - Issue #11265: asyncore now correctly handles EPIPE, EBADF and EAGAIN errors on accept(), send() and recv(). - Issue #11326: Add the missing connect_ex() implementation for SSL sockets, and make it work for non-blocking connects. - Issue #10956: Buffered I/O classes retry reading or writing after a signal has arrived and the handler returned successfully. - Issue #10680: Fix mutually exclusive arguments for argument groups in argparse. - Issue #4681: Allow mmap() to work on file sizes and offsets larger than 4GB, even on 32-bit builds. Initial patch by Ross Lagerwall, adapted for 32-bit Windows. - Issue #10360: In WeakSet, do not raise TypeErrors when testing for membership of non-weakrefable objects. - Issue #10549: Fix pydoc traceback when text-documenting certain classes. - Issue #940286: pydoc.Helper.help() ignores input/output init parameters. - Issue #11171: Fix detection of config/Makefile when --prefix != --exec-prefix, which caused Python to not start. - Issue #11116: any error during addition of a message to a mailbox now causes a rollback, instead of leaving the mailbox partially modified. - Issue #8275: Fix passing of callback arguments with ctypes under Win64. Patch by Stan Mihai. - Issue #10940: Workaround an IDLE hang on Mac OS X 10.6 when using the menu accelerators for Open Module, Go to Line, and New Indent Width. The accelerators still work but no longer appear in the menu items. - Issue #10907: Warn OS X 10.6 IDLE users to use ActiveState Tcl/Tk 8.5, rather than the currently problematic Apple-supplied one, when running with the 64-/32-bit installer variant. - Issue #11052: Correct IDLE menu accelerators on Mac OS X for Save commands. - Issue #10949: Improved robustness of rotating file handlers. - Issue #10955: Fix a potential crash when trying to mmap() a file past its length. Initial patch by Ross Lagerwall. - Issue #10898: Allow compiling the posix module when the C library defines a symbol named FSTAT. - Issue #6075: IDLE on Mac OS X now works with both Carbon AquaTk and Cocoa AquaTk. - Issue #10916: mmap should not segfault when a file is mapped using 0 as length and a non-zero offset, and an attempt to read past the end of file is made (IndexError is raised instead). Patch by Ross Lagerwall. - Issue #10875: Update Regular Expression HOWTO; patch by 'SilentGhost'. - Issue #10827: Changed the rules for 2-digit years. The time.asctime function will now format any year when ``time.accept2dyear`` is false and will accept years >= 1000 otherwise. The year range accepted by ``time.mktime`` and ``time.strftime`` is still system dependent, but ``time.mktime`` will now accept full range supported by the OS. Conversion of 2-digit years to 4-digit is deprecated. - Issue #10869: Fixed bug where ast.increment_lineno modified the root node twice. - Issue #7858: Raise an error properly when os.utime() fails under Windows on an existing file. - Issue #3839: wsgiref should not override a Content-Length header set by the application. Initial patch by Clovis Fabricio. - Issue #10806, issue #9905: Fix subprocess pipes when some of the standard file descriptors (0, 1, 2) are closed in the parent process. Initial patch by Ross Lagerwall. - Issue #4662: os.tempnam(), os.tmpfile() and os.tmpnam() now raise a py3k DeprecationWarning. - Subclasses of collections.OrderedDict now work correctly with __missing__. - Issue #10753 - Characters ';', '=' and ',' in the PATH_INFO environment variable won't be quoted when the URI is constructed by the wsgiref.util 's request_uri method. According to RFC 3986, these characters can be a part of params in PATH component of URI and need not be quoted. - Issue #10738: Fix webbrowser.Opera.raise_opts - Issue #9824: SimpleCookie now encodes , and ; in values to cater to how browsers actually parse cookies. - Issue #1379416: eliminated a source of accidental unicode promotion in email.header.Header.encode. - Issue #5258/#10642: if site.py encounters a .pth file that generates an error, it now prints the filename, line number, and traceback to stderr and skips the rest of that individual file, instead of stopping processing entirely. - Issue #10750: The ``raw`` attribute of buffered IO objects is now read-only. - Issue #10242: unittest.TestCase.assertItemsEqual makes too many assumptions about input. - Issue #10611: SystemExit should not cause a unittest test run to exit. - Issue #6791: Limit header line length (to 65535 bytes) in http.client, to avoid denial of services from the other party. - Issue #10404: Use ctl-button-1 on OSX for the context menu in Idle. - Issue #9907: Fix tab handling on OSX when using editline by calling rl_initialize first, then setting our custom defaults, then reading .editrc. - Issue #4188: Avoid creating dummy thread objects when logging operations from the threading module (with the internal verbose flag activated). - Issue #9721: Fix the behavior of urljoin when the relative url starts with a ';' character. Patch by Wes Chow. - Issue #10714: Limit length of incoming request in http.server to 65536 bytes for security reasons. Initial patch by Ross Lagerwall. - Issue #9558: Fix distutils.command.build_ext with VS 8.0. - Issue #10695: passing the port as a string value to telnetlib no longer causes debug mode to fail. - Issue #10107: Warn about unsaved files in IDLE on OSX. - Issue #10406: Enable Rstrip IDLE extension on OSX (just like on other platforms). - Issue #10478: Reentrant calls inside buffered IO objects (for example by way of a signal handler) now raise a RuntimeError instead of freezing the current process. - Issue #10497: Fix incorrect use of gettext in argparse. - Issue #10464: netrc now correctly handles lines with embedded '#' characters. - Issue #1731717: Fixed the problem where subprocess.wait() could cause an OSError exception when The OS had been told to ignore SIGCLD in our process or otherwise not wait for exiting child processes. - Issue #9509: argparse now properly handles IOErrors raised by argparse.FileType. - Issue #9348: Raise an early error if argparse nargs and metavar don't match. - Issue #8982: Improve the documentation for the argparse Namespace object. - Issue #9343: Document that argparse parent parsers must be configured before their children. - Issue #9026: Fix order of argparse sub-commands in help messages. - Issue #9347: Fix formatting for tuples in argparse type= error messages. Extension Modules ----------------- - Stop using the old interface for providing methods and attributes in the _sre module. Among other things, this gives these classes ``__class__`` attributes. (See #12099) - Issue #10169: Fix argument parsing in socket.sendto() to avoid error masking. - Issue #12051: Fix segfault in json.dumps() while encoding highly-nested objects using the C accelerations. - Issue #12017: Fix segfault in json.loads() while decoding highly-nested objects using the C accelerations. - Issue #1838: Prevent segfault in ctypes, when _as_parameter_ on a class is set to an instance of the class. - Issue #678250: Make mmap flush a noop on ACCESS_READ and ACCESS_COPY. Build ----- - Issue #11217: For 64-bit/32-bit Mac OS X universal framework builds, ensure "make install" creates symlinks in --prefix bin for the "-32" files in the framework bin directory like the installer does. - Issue #11411: Fix 'make DESTDIR=' with a relative destination. - Issue #10709: Add updated AIX notes in Misc/README.AIX. - Issue #11184: Fix large-file support on AIX. - Issue #941346: Fix broken shared library build on AIX. - Issue #11268: Prevent Mac OS X Installer failure if Documentation package had previously been installed. - Issue #11079: The /Applications/Python x.x folder created by the Mac OS X installers now includes a link to the installed documentation. - Issue #11054: Allow Mac OS X installer builds to again work on 10.5 with the system-provided Python. - Issue #10843: Update third-party library versions used in OS X 32-bit installer builds: bzip2 1.0.6, readline 6.1.2, SQLite 3.7.4 (with FTS3/FTS4 and RTREE enabled), and ncursesw 5.5 (wide-char support enabled). - Don't run pgen twice when using make -j. - Issue #7716: Under Solaris, don't assume existence of /usr/xpg4/bin/grep in the configure script but use $GREP instead. Patch by Fabian Groffen. - Issue #10475: Don't hardcode compilers for LDSHARED/LDCXXSHARED on NetBSD and DragonFly BSD. Patch by Nicolas Joly. - Issue #10655: Fix the build on PowerPC on Linux with GCC when building with timestamp profiling (--with-tsc): the preprocessor test for the PowerPC support now looks for "__powerpc__" as well as "__ppc__": the latter seems to only be present on OS X; the former is the correct one for Linux with GCC. - Issue #1099: Fix the build on MacOSX when building a framework with pydebug using GCC 4.0. IDLE ---- - Issue #11718: IDLE's open module dialog couldn't find the __init__.py file in a package. Tests ----- - Issue #12205: Fix test_subprocess failure due to uninstalled test data. - Issue #5723: Improve json tests to be executed with and without accelerations. - Issue #11910: Fix test_heapq to skip the C tests when _heapq is missing. - Fix test_startfile to wait for child process to terminate before finishing. - Issue #11719: Fix message about unexpected test_msilib skip on non-Windows platforms. Patch by Nadeem Vawda. - Issue #7108: Fix test_commands to not fail when special attributes ('@@' or '.') appear in 'ls -l' output. - Issue #11490: test_subprocess:test_leaking_fds_on_error no longer gives a false positive if the last directory in the path is inaccessible. - Issue #10822: Fix test_posix:test_getgroups failure under Solaris. Patch by Ross Lagerwall. - Issue #6293: Have regrtest.py echo back sys.flags. This is done by default in whole runs and enabled selectively using ``--header`` when running an explicit list of tests. Original patch by Collin Winter. - Issue #775964: test_grp now skips YP/NIS entries instead of failing when encountering them. - Issue #7110: regrtest now sends test failure reports and single-failure tracebacks to stderr rather than stdout. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2011/05/06 16:27:04 abs Exp $ d11 1 a11 1 SHA1 (patch-al) = f1c11a62106a5b5c2346d326525b85039d00f503 @ 1.4 log @Fix build on (at least RHEL 5.6). Tested (and no change) on NetBSD 5.99.51 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2011/03/28 16:00:07 drochner Exp $ d3 3 a5 3 SHA1 (Python-2.7.1.tar.bz2) = fbe1894322ff91b80726e269c97454f4129fc2a3 RMD160 (Python-2.7.1.tar.bz2) = 3ce59305f6cd3fb320a53771d0ea01ec0687005f Size (Python-2.7.1.tar.bz2) = 11722546 bytes d11 2 a12 2 SHA1 (patch-al) = 2c6a578b62dfba45b2ba01a6b004f1d8feee0fe2 SHA1 (patch-am) = 760ed52308b31043bbf28528adf2a99f2420d85b d14 2 a15 2 SHA1 (patch-ao) = 2061473e5e672b4cc38d91c5d8f885cb361a35b3 SHA1 (patch-au) = 700dc128833af755f3ea08c4db79c127453b12e6 d18 1 a18 3 SHA1 (patch-ax) = b3a69107d3abbc8476ce79fb05aa8c9f293896a2 SHA1 (patch-ca) = aa0ad5a9dff1cd7c1c456aa6371733727ac1425b SHA1 (patch-cb) = f8fa30bb9aae0ef02c187d1d6db176bac731381e @ 1.3 log @fix a security issue, using patches from upstream: stricter redirect handling in urllib, to prevent redirects to eg "file://" URLs (CVE-2011-1521) bump PKGREV @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2011/02/22 10:50:37 adam Exp $ d12 1 a12 1 SHA1 (patch-am) = c0a72af7c9827a9107fb7d1862febd487b9b5c83 @ 1.2 log @Fix unprivileged build @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2011/02/22 08:52:01 obache Exp $ d19 2 @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2010/02/11 21:09:50 tnn Exp $ d15 1 a15 1 SHA1 (patch-au) = 4eba74a2305e5e49eb5797d9623a262c47096453 @ 1.1.1.1 log @Import python27-2.7.1 as lang/python27. Python 2.7 is intended to be the last major release in the 2.x series. The Python maintainers are planning to focus their future efforts on the Python 3.x series. This means that 2.7 will remain in place for a long time, running production systems that have not been ported to Python 3.x. Two consequences of the long-term significance of 2.7 are: * It's very likely the 2.7 release will have a longer period of maintenance compared to earlier 2.x versions. Python 2.7 will continue to be maintained while the transition to 3.x continues, and the developers are planning to support Python 2.7 with bug-fix releases beyond the typical two years. * A policy decision was made to silence warnings only of interest to developers. :exc:`DeprecationWarning` and its descendants are now ignored unless otherwise requested, preventing users from seeing warnings triggered by an application. This change was also made in the branch that will become Python 3.2. (Discussed on stdlib-sig and carried out in :issue:`7319`.) In previous releases, :exc:`DeprecationWarning` messages were enabled by default, providing Python developers with a clear indication of where their code may break in a future major version of Python. However, there are increasingly many users of Python-based applications who are not directly involved in the development of those applications. :exc:`DeprecationWarning` messages are irrelevant to such users, making them worry about an application that's actually working correctly and burdening application developers with responding to these concerns. You can re-enable display of :exc:`DeprecationWarning` messages by running Python with the :option:`-Wdefault <-W>` (short form: :option:`-Wd <-W>`) switch, or by setting the :envvar:`PYTHONWARNINGS` environment variable to ``"default"`` (or ``"d"``) before running Python. Python code can also re-enable them by calling ``warnings.simplefilter('default')``. @ text @@