From 5d5dc015697143c5892bcb792e10fe7047ed1d44 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Fri, 18 Mar 2022 20:16:12 +0000 Subject: Fri Mar 18 20:16:12 UTC 2022 patches/packages/python3-3.9.11-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: libexpat upgraded from 2.4.1 to 2.4.7 bundled pip upgraded from 21.2.4 to 22.0.4 authorization bypass fixed in urllib.request REDoS avoided in importlib.metadata For more information, see: https://pythoninsider.blogspot.com/2022/03/python-3103-3911-3813-and-3713-are-now.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28363 (* Security fix *) --- patches/source/python3/README | 18 ++ .../source/python3/python.sysconfig.py.x86_64.diff | 24 +++ patches/source/python3/python3.SlackBuild | 181 +++++++++++++++++++++ .../source/python3/python3.distutils.x86_64.diff | 30 ++++ .../source/python3/python3.no-static-library.diff | 75 +++++++++ .../python3.readline.set_pre_input_hook.diff | 12 ++ .../source/python3/python3.setup.py.x86_64.diff | 11 ++ patches/source/python3/python3.url | 1 + patches/source/python3/slack-desc | 19 +++ 9 files changed, 371 insertions(+) create mode 100644 patches/source/python3/README create mode 100644 patches/source/python3/python.sysconfig.py.x86_64.diff create mode 100755 patches/source/python3/python3.SlackBuild create mode 100644 patches/source/python3/python3.distutils.x86_64.diff create mode 100644 patches/source/python3/python3.no-static-library.diff create mode 100644 patches/source/python3/python3.readline.set_pre_input_hook.diff create mode 100644 patches/source/python3/python3.setup.py.x86_64.diff create mode 100644 patches/source/python3/python3.url create mode 100644 patches/source/python3/slack-desc (limited to 'patches/source') diff --git a/patches/source/python3/README b/patches/source/python3/README new file mode 100644 index 000000000..8197d5920 --- /dev/null +++ b/patches/source/python3/README @@ -0,0 +1,18 @@ +Python is an interpreted, interactive, object-oriented programming +language that combines remarkable power with very clear syntax. +Python's basic power can be extended with your own modules written in C +or C++. Python is also adaptable as an extension language for existing +applications. + +Python 3 (a.k.a. "Python 3000" or "Py3k") is a new version of the +language that is incompatible with the 2.x line of releases. The +language is mostly the same, but many details, especially how built-in +objects like dictionaries and strings work, have changed considerably, +and a lot of deprecated features have finally been removed. Also, the +standard library has been reorganized in a few prominent places. + +It is safe to install alongside Slackware's Python 2.x. + +If you'd like to have HTML docs installed, get them from + (HTML format, .tar.bz2 +archive). diff --git a/patches/source/python3/python.sysconfig.py.x86_64.diff b/patches/source/python3/python.sysconfig.py.x86_64.diff new file mode 100644 index 000000000..3f607cb48 --- /dev/null +++ b/patches/source/python3/python.sysconfig.py.x86_64.diff @@ -0,0 +1,24 @@ +--- ./Lib/sysconfig.py.orig 2020-10-05 10:07:58.000000000 -0500 ++++ ./Lib/sysconfig.py 2020-10-24 17:23:51.323197869 -0500 +@@ -22,7 +22,7 @@ + 'posix_prefix': { + 'stdlib': '{installed_base}/{platlibdir}/python{py_version_short}', + 'platstdlib': '{platbase}/{platlibdir}/python{py_version_short}', +- 'purelib': '{base}/lib/python{py_version_short}/site-packages', ++ 'purelib': '{base}/lib64/python{py_version_short}/site-packages', + 'platlib': '{platbase}/{platlibdir}/python{py_version_short}/site-packages', + 'include': + '{installed_base}/include/python{py_version_short}{abiflags}', +@@ -33,9 +33,9 @@ + }, + 'posix_home': { + 'stdlib': '{installed_base}/lib/python', +- 'platstdlib': '{base}/lib/python', +- 'purelib': '{base}/lib/python', +- 'platlib': '{base}/lib/python', ++ 'platstdlib': '{base}/lib64/python', ++ 'purelib': '{base}/lib64/python', ++ 'platlib': '{base}/lib64/python', + 'include': '{installed_base}/include/python', + 'platinclude': '{installed_base}/include/python', + 'scripts': '{base}/bin', diff --git a/patches/source/python3/python3.SlackBuild b/patches/source/python3/python3.SlackBuild new file mode 100755 index 000000000..a07686f7b --- /dev/null +++ b/patches/source/python3/python3.SlackBuild @@ -0,0 +1,181 @@ +#!/bin/bash + +# Slackware build script for python3 + +# Copyright 2012-2017 Audrius Kažukauskas +# Copyright 2017, 2018, 2019 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=python3 +SRCNAM=Python +VERSION=$(echo $SRCNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev) +BRANCH_VERSION=$(echo $VERSION | cut -f 1,2 -d . ) +BUILD=${BUILD:-1_slack15.0} + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM +rm -rf $PKG +mkdir -p $TMP $PKG + +# Don't set any SLKCFLAGS here, or OPT="$SLKCFLAGS" before the ./configure. +# Python gets the compile options right without any help. +if [ "$ARCH" = "i586" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + LIBDIRSUFFIX="" +fi + +# Location for Python site-packages: +SITEPK=$PKG/usr/lib${LIBDIRSUFFIX}/python${BRANCH_VERSION}/site-packages +# same as above without $PKG +TOOLSDIR=/usr/lib${LIBDIRSUFFIX}/python${BRANCH_VERSION}/site-packages + +cd $TMP +rm -rf $SRCNAM-$VERSION +tar xf $CWD/$SRCNAM-$VERSION.tar.xz || exit 1 +cd $SRCNAM-$VERSION || exit 1 + +zcat $CWD/python3.readline.set_pre_input_hook.diff.gz | patch -p1 --verbose || exit 1 + +# We don't want a large libpython*.a. +zcat $CWD/python3.no-static-library.diff.gz | patch -p1 --verbose || exit 1 + +if [ "$ARCH" = "x86_64" ]; then + # Install to lib64 instead of lib. + zcat $CWD/python.sysconfig.py.x86_64.diff.gz | patch -p1 --verbose || exit 1 + zcat $CWD/python3.distutils.x86_64.diff.gz | patch -p1 --verbose || exit 1 + zcat $CWD/python3.setup.py.x86_64.diff.gz | patch -p1 --verbose || exit 1 +fi + +# Fix python3 path in cgi.py. +sed -i '1s|^#.*/usr/local/bin/python|#!/usr/bin/python3|' Lib/cgi.py + +# If system we're building on already has Python3 with pip in site-packages, +# ignore it and install pip anyway. +sed -i 's|\("install",\)|\1 "--ignore-installed",|' Lib/ensurepip/__init__.py + +chown -R root:root . +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \+ + +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-platlibdir=lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-ipv6 \ + --enable-shared \ + --with-system-expat \ + --with-system-ffi \ + --enable-loadable-sqlite-extensions \ + --without-ensurepip \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Remove to avoid overwriting a copy from Python2. +rm -f $PKG/usr/bin/2to3 + +## NOPE, let's try using -I instead. +## Add a symlink to cpython include directory to fix various builds that +## do not expect the new location: +#( cd $PKG/usr/include +# ln -sf python?.?/cpython . +#) + +# We'll install the python-tools under site-packages. +mkdir -p $SITEPK +cp -a Tools/* $SITEPK + +# Remove DOS batch/exe files. +find $PKG \( -name '*.exe' -o -name '*.bat' \) -exec rm -f '{}' \+ + +# Fix permissions on dynamic libraries. +find $PKG -type f -perm 555 -exec chmod 755 '{}' \+ + +# Install docs. +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a README.rst LICENSE Misc $PKG/usr/doc/$PKGNAM-$VERSION +# Delete stuff that we don't need to package: +rm -f $PKG/usr/doc/$PKGNAM-$VERSION/Misc/{HISTORY,*.in,*.wpr,python.man,svnmap.txt} +mv $SITEPK/README $PKG/usr/doc/$PKGNAM-$VERSION/README.python-tools +( cd $PKG/usr/doc/$PKGNAM-$VERSION ; ln -sf $TOOLSDIR Tools ) +if [ -e "$CWD/python-$VERSION-docs-html.tar.bz2" ]; then + tar xf $CWD/python-$VERSION-docs-html.tar.bz2 + mv python-$VERSION-docs-html $PKG/usr/doc/$PKGNAM-$VERSION/docs-html + chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION/docs-html +fi +if [ -e "$CWD/python-$VERSION-docs-text.tar.bz2" ]; then + tar xf $CWD/python-$VERSION-docs-text.tar.bz2 + mv python-$VERSION-docs-text $PKG/usr/doc/$PKGNAM-$VERSION/docs-text + chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION/docs-text +fi + +# Fix possible incorrect permissions. +( cd $PKG + find . -type d -exec chmod 755 "{}" \+ + find . -perm 640 -exec chmod 644 "{}" \+ + find . -perm 750 -exec chmod 755 "{}" \+ +) + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +find $PKG/usr/man -type f -exec gzip -9 {} \+ +for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/python3-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/python3/python3.distutils.x86_64.diff b/patches/source/python3/python3.distutils.x86_64.diff new file mode 100644 index 000000000..09c6e9669 --- /dev/null +++ b/patches/source/python3/python3.distutils.x86_64.diff @@ -0,0 +1,30 @@ +--- ./Lib/distutils/sysconfig.py.orig 2020-10-05 10:07:58.000000000 -0500 ++++ ./Lib/distutils/sysconfig.py 2020-10-24 17:31:20.860207925 -0500 +@@ -151,7 +151,7 @@ + libdir = sys.platlibdir + else: + # Pure Python +- libdir = "lib" ++ libdir = "lib64" + libpython = os.path.join(prefix, libdir, + "python" + get_python_version()) + if standard_lib: +--- ./Lib/distutils/command/install.py.orig 2020-10-05 10:07:58.000000000 -0500 ++++ ./Lib/distutils/command/install.py 2020-10-24 17:29:58.230206077 -0500 +@@ -29,14 +29,14 @@ + + INSTALL_SCHEMES = { + 'unix_prefix': { +- 'purelib': '$base/lib/python$py_version_short/site-packages', ++ 'purelib': '$base/lib64/python$py_version_short/site-packages', + 'platlib': '$platbase/$platlibdir/python$py_version_short/site-packages', + 'headers': '$base/include/python$py_version_short$abiflags/$dist_name', + 'scripts': '$base/bin', + 'data' : '$base', + }, + 'unix_home': { +- 'purelib': '$base/lib/python', ++ 'purelib': '$base/lib64/python', + 'platlib': '$base/$platlibdir/python', + 'headers': '$base/include/python/$dist_name', + 'scripts': '$base/bin', diff --git a/patches/source/python3/python3.no-static-library.diff b/patches/source/python3/python3.no-static-library.diff new file mode 100644 index 000000000..3b3afb07c --- /dev/null +++ b/patches/source/python3/python3.no-static-library.diff @@ -0,0 +1,75 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: David Malcolm +Date: Mon, 18 Jan 2010 17:59:07 +0000 +Subject: [PATCH] 00111: Don't try to build a libpythonMAJOR.MINOR.a +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Downstream only: not appropriate for upstream. + +See https://bugzilla.redhat.com/show_bug.cgi?id=556092 + +Co-authored-by: David Malcolm +Co-authored-by: Bohuslav Kabrda +Co-authored-by: Matej Stuchlik +Co-authored-by: Robert Kuska +Co-authored-by: Charalampos Stratakis +Co-authored-by: Miro Hrončok +--- + Makefile.pre.in | 21 ++------------------- + 1 file changed, 2 insertions(+), 19 deletions(-) + +diff --git a/Makefile.pre.in b/Makefile.pre.in +index 77f91e72b1..bb4069b18a 100644 +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -586,7 +586,7 @@ clinic: check-clean-src $(srcdir)/Modules/_blake2/blake2s_impl.c + $(PYTHON_FOR_REGEN) $(srcdir)/Tools/clinic/clinic.py --make --srcdir $(srcdir) + + # Build the interpreter +-$(BUILDPYTHON): Programs/python.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) ++$(BUILDPYTHON): Programs/python.o $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) + $(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/python.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) + + platform: $(BUILDPYTHON) pybuilddir.txt +@@ -634,12 +634,6 @@ sharedmods: $(BUILDPYTHON) pybuilddir.txt Modules/_math.o + _TCLTK_INCLUDES='$(TCLTK_INCLUDES)' _TCLTK_LIBS='$(TCLTK_LIBS)' \ + $(PYTHON_FOR_BUILD) $(srcdir)/setup.py $$quiet build + +- +-# Build static library +-$(LIBRARY): $(LIBRARY_OBJS) +- -rm -f $@ +- $(AR) $(ARFLAGS) $@ $(LIBRARY_OBJS) +- + libpython$(LDVERSION).so: $(LIBRARY_OBJS) $(DTRACE_OBJS) + if test $(INSTSONAME) != $(LDLIBRARY); then \ + $(BLDSHARED) -Wl,-h$(INSTSONAME) -o $(INSTSONAME) $(LIBRARY_OBJS) $(MODLIBS) $(SHLIBS) $(LIBC) $(LIBM); \ +@@ -721,7 +715,7 @@ Makefile Modules/config.c: Makefile.pre \ + @echo "The Makefile was updated, you may need to re-run make." + + +-Programs/_testembed: Programs/_testembed.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) ++Programs/_testembed: Programs/_testembed.o $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) + $(LINKCC) $(PY_CORE_LDFLAGS) $(LINKFORSHARED) -o $@ Programs/_testembed.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) + + ############################################################################ +@@ -1630,17 +1624,6 @@ libainstall: @DEF_MAKE_RULE@ python-config + else true; \ + fi; \ + done +- @if test -d $(LIBRARY); then :; else \ +- if test "$(PYTHONFRAMEWORKDIR)" = no-framework; then \ +- if test "$(SHLIB_SUFFIX)" = .dll; then \ +- $(INSTALL_DATA) $(LDLIBRARY) $(DESTDIR)$(LIBPL) ; \ +- else \ +- $(INSTALL_DATA) $(LIBRARY) $(DESTDIR)$(LIBPL)/$(LIBRARY) ; \ +- fi; \ +- else \ +- echo Skip install of $(LIBRARY) - use make frameworkinstall; \ +- fi; \ +- fi + $(INSTALL_DATA) Modules/config.c $(DESTDIR)$(LIBPL)/config.c + $(INSTALL_DATA) Programs/python.o $(DESTDIR)$(LIBPL)/python.o + $(INSTALL_DATA) $(srcdir)/Modules/config.c.in $(DESTDIR)$(LIBPL)/config.c.in diff --git a/patches/source/python3/python3.readline.set_pre_input_hook.diff b/patches/source/python3/python3.readline.set_pre_input_hook.diff new file mode 100644 index 000000000..b55820c48 --- /dev/null +++ b/patches/source/python3/python3.readline.set_pre_input_hook.diff @@ -0,0 +1,12 @@ +--- ./Modules/readline.c.orig 2009-10-26 21:32:51.000000000 +0200 ++++ ./Modules/readline.c 2010-05-30 14:07:10.000000000 +0300 +@@ -12,6 +12,9 @@ + #include + #include + ++/* This seems to be needed for set_pre_input_hook to work */ ++#define HAVE_RL_PRE_INPUT_HOOK 1 ++ + #if defined(HAVE_SETLOCALE) + /* GNU readline() mistakenly sets the LC_CTYPE locale. + * This is evil. Only the user or the app's main() should do this! diff --git a/patches/source/python3/python3.setup.py.x86_64.diff b/patches/source/python3/python3.setup.py.x86_64.diff new file mode 100644 index 000000000..a7dd2a3b4 --- /dev/null +++ b/patches/source/python3/python3.setup.py.x86_64.diff @@ -0,0 +1,11 @@ +--- ./setup.py.orig 2020-10-05 10:07:58.000000000 -0500 ++++ ./setup.py 2020-10-24 17:35:07.299212991 -0500 +@@ -744,7 +744,7 @@ + # directories (i.e. '.' and 'Include') must be first. See issue + # 10520. + if not CROSS_COMPILING: +- add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib') ++ add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib64') + add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') + # only change this for cross builds for 3.3, issues on Mageia + if CROSS_COMPILING: diff --git a/patches/source/python3/python3.url b/patches/source/python3/python3.url new file mode 100644 index 000000000..8738d0b14 --- /dev/null +++ b/patches/source/python3/python3.url @@ -0,0 +1 @@ +http://www.python.org/ftp/python/ diff --git a/patches/source/python3/slack-desc b/patches/source/python3/slack-desc new file mode 100644 index 000000000..ca18863aa --- /dev/null +++ b/patches/source/python3/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +python3: python3 (object-oriented interpreted programming language v3) +python3: +python3: Python is an interpreted, interactive, object-oriented programming +python3: language that combines remarkable power with very clear syntax. +python3: This is a new version of the language that is incompatible with the +python3: 2.x line of releases. The language is mostly the same, but many +python3: details, especially how built-in objects like dictionaries and strings +python3: work, have changed considerably, and a lot of deprecated features have +python3: finally been removed. Also, the standard library has been reorganized +python3: in a few prominent places. +python3: -- cgit v1.2.3-65-gdbad