Wed Dec 4 22:24:22 UTC 2024

patches/packages/python3-3.9.21-x86_64-1_slack15.0.txz: Upgraded. This update fixes security issues: gh-126623: Upgraded libexpat to 2.6.4 to fix CVE-2024-50602. gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified. gh-124651: Properly quote template strings in venv activation scripts. gh-103848: Added checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format. gh-95588: Clarified the conflicting advice given in the ast documentation about ast.literal_eval() being safe for use on untrusted input while at the same time warning that it can crash the process. The latter statement is true and is deemed unfixable without a large amount of work unsuitable for a bugfix. So we keep the warning and no longer claim that literal_eval is safe. For more information, see: https://pythoninsider.blogspot.com/2024/12/python-3131-3128-31111-31016-and-3921.html https://www.cve.org/CVERecord?id=CVE-2024-50602 (* Security fix *)
2024-12-26 09:58:59 +01:00 · 2024-12-04 22:24:22 +00:00 · 2024-12-04 22:24:22 +00:00 · 39de03bf5f
commit 39de03bf5f
parent ed6f2434aa
4 changed files with 73 additions and 23 deletions
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@ -11,9 +11,38 @@
      <description>Tracking Slackware development in git.</description>
      <language>en-us</language>
      <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Tue,  3 Dec 2024 22:37:55 GMT</pubDate>
-      <lastBuildDate>Wed,  4 Dec 2024 12:30:31 GMT</lastBuildDate>
+      <pubDate>Wed,  4 Dec 2024 22:24:22 GMT</pubDate>
+      <lastBuildDate>Thu,  5 Dec 2024 12:30:29 GMT</lastBuildDate>
      <generator>maintain_current_git.sh v 1.17</generator>
+      <item>
+         <title>Wed,  4 Dec 2024 22:24:22 GMT</title>
+         <pubDate>Wed,  4 Dec 2024 22:24:22 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20241204222422</link>
+         <guid isPermaLink="false">20241204222422</guid>
+         <description>
+           <![CDATA[<pre>
+patches/packages/python3-3.9.21-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  gh-126623: Upgraded libexpat to 2.6.4 to fix CVE-2024-50602.
+  gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the
+  mapped IPv4 address value for deciding properties. Properties which have
+  their behavior fixed are is_multicast, is_reserved, is_link_local, is_global,
+  and is_unspecified.
+  gh-124651: Properly quote template strings in venv activation scripts.
+  gh-103848: Added checks to ensure that [ bracketed ] hosts found by
+  urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
+  gh-95588: Clarified the conflicting advice given in the ast documentation
+  about ast.literal_eval() being safe for use on untrusted input while at the
+  same time warning that it can crash the process. The latter statement is true
+  and is deemed unfixable without a large amount of work unsuitable for a
+  bugfix. So we keep the warning and no longer claim that literal_eval is safe.
+  For more information, see:
+    https://pythoninsider.blogspot.com/2024/12/python-3131-3128-31111-31016-and-3921.html
+    https://www.cve.org/CVERecord?id=CVE-2024-50602
+  (* Security fix *)
+           </pre>]]>
+         </description>
+      </item>
      <item>
         <title>Tue,  3 Dec 2024 22:37:55 GMT</title>
         <pubDate>Tue,  3 Dec 2024 22:37:55 GMT</pubDate>
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@ -1,3 +1,24 @@
+Wed Dec  4 22:24:22 UTC 2024
+patches/packages/python3-3.9.21-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  gh-126623: Upgraded libexpat to 2.6.4 to fix CVE-2024-50602.
+  gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the
+  mapped IPv4 address value for deciding properties. Properties which have
+  their behavior fixed are is_multicast, is_reserved, is_link_local, is_global,
+  and is_unspecified.
+  gh-124651: Properly quote template strings in venv activation scripts.
+  gh-103848: Added checks to ensure that [ bracketed ] hosts found by
+  urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
+  gh-95588: Clarified the conflicting advice given in the ast documentation
+  about ast.literal_eval() being safe for use on untrusted input while at the
+  same time warning that it can crash the process. The latter statement is true
+  and is deemed unfixable without a large amount of work unsuitable for a
+  bugfix. So we keep the warning and no longer claim that literal_eval is safe.
+  For more information, see:
+    https://pythoninsider.blogspot.com/2024/12/python-3131-3128-31111-31016-and-3921.html
+    https://www.cve.org/CVERecord?id=CVE-2024-50602
+  (* Security fix *)
+--------------------------+
 Tue Dec  3 22:37:55 UTC 2024
 extra/llvm-19.1.5-x86_64-1_slack15.0.txz:  Upgraded.
 patches/packages/mozilla-thunderbird-128.5.1esr-x86_64-1_slack15.0.txz:  Upgraded.
--- a/FILELIST.TXT
+++ b/FILELIST.TXT
@ -1,20 +1,20 @@
-Tue Dec  3 22:41:53 UTC 2024
+Wed Dec  4 22:27:34 UTC 2024

 Here is the file list for this directory.  If you are using a 
 mirror site and find missing or extra files in the disk 
 subdirectories, please have the archive administrator refresh
 the mirror.

-drwxr-xr-x  12 root root      4096 2024-12-03 22:37 .
+drwxr-xr-x  12 root root      4096 2024-12-04 22:24 .
 -rw-r--r--   1 root root      5767 2022-02-02 22:44 ./ANNOUNCE.15.0
 -rw-r--r--   1 root root     16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
-rw-r--r--   1 root root   1261886 2024-11-30 20:54 ./CHECKSUMS.md5
-rw-r--r--   1 root root       195 2024-11-30 20:54 ./CHECKSUMS.md5.asc
+-rw-r--r--   1 root root   1261886 2024-12-03 22:42 ./CHECKSUMS.md5
+-rw-r--r--   1 root root       195 2024-12-03 22:42 ./CHECKSUMS.md5.asc
 -rw-r--r--   1 root root     17976 1994-06-10 02:28 ./COPYING
 -rw-r--r--   1 root root     35147 2007-06-30 04:21 ./COPYING3
 -rw-r--r--   1 root root     19573 2016-06-23 20:08 ./COPYRIGHT.TXT
 -rw-r--r--   1 root root       616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r--   1 root root   2180303 2024-12-03 22:37 ./ChangeLog.txt
+-rw-r--r--   1 root root   2181566 2024-12-04 22:24 ./ChangeLog.txt
 drwxr-xr-x   3 root root      4096 2013-03-20 22:17 ./EFI
 drwxr-xr-x   2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rw-r--r--   1 root root   1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,7 +25,7 @@ drwxr-xr-x   2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rwxr-xr-x   1 root root      2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
 -rw-r--r--   1 root root     10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
 -rw-r--r--   1 root root      1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r--   1 root root   1654099 2024-11-30 20:54 ./FILELIST.TXT
+-rw-r--r--   1 root root   1654099 2024-12-03 22:41 ./FILELIST.TXT
 -rw-r--r--   1 root root      1572 2012-08-29 18:27 ./GPG-KEY
 -rw-r--r--   1 root root    864745 2022-02-02 08:25 ./PACKAGES.TXT
 -rw-r--r--   1 root root      8034 2022-02-02 03:36 ./README.TXT
@ -821,13 +821,13 @@ drwxr-xr-x   2 root root      4096 2022-12-17 19:52 ./pasture/source/samba
 -rw-r--r--   1 root root      7921 2018-04-29 17:31 ./pasture/source/samba/smb.conf.default
 -rw-r--r--   1 root root      7933 2018-01-14 20:41 ./pasture/source/samba/smb.conf.default.orig
 -rw-r--r--   1 root root       536 2017-03-23 19:18 ./pasture/source/samba/smb.conf.diff.gz
-drwxr-xr-x   4 root root      4096 2024-12-03 22:41 ./patches
-rw-r--r--   1 root root    142654 2024-12-03 22:41 ./patches/CHECKSUMS.md5
-rw-r--r--   1 root root       195 2024-12-03 22:41 ./patches/CHECKSUMS.md5.asc
-rw-r--r--   1 root root    196688 2024-12-03 22:41 ./patches/FILE_LIST
-rw-r--r--   1 root root  19009709 2024-12-03 22:41 ./patches/MANIFEST.bz2
-rw-r--r--   1 root root    100361 2024-12-03 22:41 ./patches/PACKAGES.TXT
-drwxr-xr-x   7 root root     32768 2024-12-03 22:41 ./patches/packages
+drwxr-xr-x   4 root root      4096 2024-12-04 22:27 ./patches
+-rw-r--r--   1 root root    142654 2024-12-04 22:27 ./patches/CHECKSUMS.md5
+-rw-r--r--   1 root root       195 2024-12-04 22:27 ./patches/CHECKSUMS.md5.asc
+-rw-r--r--   1 root root    196688 2024-12-04 22:27 ./patches/FILE_LIST
+-rw-r--r--   1 root root  18986623 2024-12-04 22:27 ./patches/MANIFEST.bz2
+-rw-r--r--   1 root root    100361 2024-12-04 22:27 ./patches/PACKAGES.TXT
+drwxr-xr-x   7 root root     32768 2024-12-04 22:27 ./patches/packages
 -rw-r--r--   1 root root       360 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txt
 -rw-r--r--   1 root root   2389564 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz
 -rw-r--r--   1 root root       163 2023-09-26 19:28 ./patches/packages/Cython-0.29.36-x86_64-1_slack15.0.txz.asc
@ -1205,9 +1205,9 @@ drwxr-xr-x   2 root root      4096 2024-06-08 19:45 ./patches/packages/old-linux
 -rw-r--r--   1 root root       371 2023-12-20 20:35 ./patches/packages/proftpd-1.3.8b-x86_64-1_slack15.0.txt
 -rw-r--r--   1 root root   1392708 2023-12-20 20:35 ./patches/packages/proftpd-1.3.8b-x86_64-1_slack15.0.txz
 -rw-r--r--   1 root root       163 2023-12-20 20:35 ./patches/packages/proftpd-1.3.8b-x86_64-1_slack15.0.txz.asc
-rw-r--r--   1 root root       664 2024-09-08 18:22 ./patches/packages/python3-3.9.20-x86_64-1_slack15.0.txt
-rw-r--r--   1 root root  19179024 2024-09-08 18:22 ./patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz
-rw-r--r--   1 root root       195 2024-09-08 18:22 ./patches/packages/python3-3.9.20-x86_64-1_slack15.0.txz.asc
+-rw-r--r--   1 root root       664 2024-12-04 20:09 ./patches/packages/python3-3.9.21-x86_64-1_slack15.0.txt
+-rw-r--r--   1 root root  19180952 2024-12-04 20:09 ./patches/packages/python3-3.9.21-x86_64-1_slack15.0.txz
+-rw-r--r--   1 root root       195 2024-12-04 20:09 ./patches/packages/python3-3.9.21-x86_64-1_slack15.0.txz.asc
 -rw-r--r--   1 root root       260 2022-03-20 22:36 ./patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txt
 -rw-r--r--   1 root root  99025556 2022-03-20 22:36 ./patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txz
 -rw-r--r--   1 root root       163 2022-03-20 22:36 ./patches/packages/qt5-5.15.3_20220318_e507d3e5-x86_64-1_slack15.0.txz.asc
@ -1319,7 +1319,7 @@ drwxr-xr-x   2 root root      4096 2024-06-08 19:45 ./patches/packages/old-linux
 -rw-r--r--   1 root root       463 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txt
 -rw-r--r--   1 root root    459652 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz
 -rw-r--r--   1 root root       163 2023-04-05 18:16 ./patches/packages/zstd-1.5.5-x86_64-1_slack15.0.txz.asc
-drwxr-xr-x 136 root root      4096 2024-12-03 22:37 ./patches/source
+drwxr-xr-x 136 root root      4096 2024-12-04 22:18 ./patches/source
 drwxr-xr-x   2 root root      4096 2023-09-26 19:22 ./patches/source/Cython
 -rw-r--r--   1 root root   1623580 2023-07-04 19:24 ./patches/source/Cython/Cython-0.29.36.tar.lz
 -rwxr-xr-x   1 root root      3041 2023-09-26 19:23 ./patches/source/Cython/Cython.SlackBuild
@ -2430,11 +2430,11 @@ drwxr-xr-x   2 root root      4096 2017-04-20 21:08 ./patches/source/proftpd/etc
 -rw-r--r--   1 root root  13966952 2023-12-20 04:42 ./patches/source/proftpd/proftpd-1.3.8b.tar.xz
 -rwxr-xr-x   1 root root      4774 2023-12-20 20:34 ./patches/source/proftpd/proftpd.SlackBuild
 -rw-r--r--   1 root root       826 2018-02-27 06:13 ./patches/source/proftpd/slack-desc
-drwxr-xr-x   2 root root      4096 2024-09-08 18:20 ./patches/source/python3
-rw-r--r--   1 root root  19648968 2024-09-06 19:46 ./patches/source/python3/Python-3.9.20.tar.xz
-rw-r--r--   1 root root       833 2024-09-07 10:25 ./patches/source/python3/Python-3.9.20.tar.xz.asc
+drwxr-xr-x   2 root root      4096 2024-12-04 19:58 ./patches/source/python3
+-rw-r--r--   1 root root  19647056 2024-12-03 18:18 ./patches/source/python3/Python-3.9.21.tar.xz
+-rw-r--r--   1 root root       833 2024-12-03 18:18 ./patches/source/python3/Python-3.9.21.tar.xz.asc
 -rw-r--r--   1 root root       890 2017-01-12 20:00 ./patches/source/python3/README
-rw-r--r--   1 root root   2553492 2024-09-06 19:50 ./patches/source/python3/python-3.9.20-docs-text.tar.bz2
+-rw-r--r--   1 root root   2554222 2024-12-03 18:19 ./patches/source/python3/python-3.9.21-docs-text.tar.bz2
 -rw-r--r--   1 root root       372 2021-11-20 19:27 ./patches/source/python3/python.sysconfig.py.x86_64.diff.gz
 -rwxr-xr-x   1 root root      6380 2023-06-08 19:59 ./patches/source/python3/python3.SlackBuild
 -rw-r--r--   1 root root       495 2020-10-24 22:31 ./patches/source/python3/python3.distutils.x86_64.diff.gz
--- a/patches/packages/python3-3.9.21-x86_64-1_slack15.0.txt
+++ b/patches/packages/python3-3.9.21-x86_64-1_slack15.0.txt