From 6d5c517d278cc133a05342942be1a38572431a6b Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 16 2023 06:23:37 +0000 Subject: import python3-3.6.8-51.el8 --- diff --git a/SPECS/python3.spec b/SPECS/python3.spec index cd2dd36..5f7c0a2 100644 --- a/SPECS/python3.spec +++ b/SPECS/python3.spec @@ -14,7 +14,7 @@ URL: https://www.python.org/ # WARNING When rebasing to a new Python version, # remember to update the python3-docs package as well Version: %{pybasever}.8 -Release: 48%{?dist}.1 +Release: 51%{?dist} License: Python @@ -1267,6 +1267,7 @@ mkdir -p %{buildroot}$DirHoldingGdbPy %global _pyconfig64_h pyconfig-64.h %global _pyconfig_h pyconfig-%{wordsize}.h + # Use a common function to do an install for all our configurations: InstallPython() { @@ -1484,6 +1485,11 @@ touch %{buildroot}%{_bindir}/unversioned-python touch %{buildroot}%{_bindir}/idle3 touch %{buildroot}%{_mandir}/man1/python.1.gz +# Strip the LTO bytecode from python.o +# Based on the fedora brp-strip-lto scriptlet +# https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/9dd5528cf9805ebfe31cff04fe7828ad06a6023f/f/brp-strip-lto +find %{buildroot} -type f -name 'python.o' -print0 | xargs -0 \ +bash -c "strip -p -R .gnu.lto_* -R .gnu.debuglto_* -N __gnu_lto_v1 \"\$@\"" ARG0 # ====================================================== # Checks for packaging issues @@ -2035,13 +2041,22 @@ fi # ====================================================== %changelog -* Wed Dec 21 2022 Charalampos Stratakis - 3.6.8-48.1 -- Security fixes for CVE-2020-10735, CVE-2021-28861 and CVE-2022-45061 -Resolves: rhbz#1834423, rhbz#2120642, rhbz#2144072 +* Tue Jan 24 2023 Charalampos Stratakis - 3.6.8-51 +- Properly strip the LTO bytecode from python.o +Resolves: rhbz#2137707 + +* Wed Dec 21 2022 Charalampos Stratakis - 3.6.8-50 +- Security fix for CVE-2022-45061 +- Strip the LTO bytecode from python.o +Resolves: rhbz#2144072, rhbz#2137707 + +* Tue Oct 25 2022 Charalampos Stratakis - 3.6.8-49 +- Security fixes for CVE-2020-10735 and CVE-2021-28861 +Resolves: rhbz#1834423, rhbz#2120642 * Thu Oct 20 2022 Charalampos Stratakis - 3.6.8-48 - Release bump -Resolves: rhbz#2136436 +Resolves: rhbz#2136435 * Tue Jun 14 2022 Charalampos Stratakis - 3.6.8-47 - Security fix for CVE-2015-20107