Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

python312-devel-3.12.7-4.1 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: python312-devel Distribution: openSUSE Tumbleweed
Version: 3.12.7 Vendor: openSUSE
Release: 4.1 Build date: Thu Nov 28 23:20:25 2024
Group: Unspecified Build host: reproducible
Size: 1589812 Source RPM: python312-core-3.12.7-4.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://www.python.org/
Summary: Include Files and Libraries Mandatory for Building Python Modules
The Python programming language's interpreter can be extended with
dynamically loaded extensions and can be embedded in other programs.

This package contains header files, a static library, and development
tools for building Python modules, extending the Python interpreter or
embedding Python in applications.

This also includes the Python distutils, which were in the Python
package up to version 2.2.2.

Provides

Requires

License

Python-2.0

Changelog

* Thu Nov 28 2024 Matej Cepl <[email protected]>
  - Update doc-py38-to-py36.patch to include str.removeprefix
    replacement.
* Thu Nov 14 2024 Matej Cepl <[email protected]>
  - Remove -IVendor/ from python-config boo#1231795
* Thu Oct 24 2024 Matej Cepl <[email protected]>
  - Add CVE-2024-9287-venv_path_unquoted.patch to properly quote
    path names provided when creating a virtual environment
    (bsc#1232241, CVE-2024-9287)
* Tue Oct 01 2024 Matej Cepl <[email protected]>
  - Update to 3.12.7:
    - Tests
    - gh-124378: Updated test_ttk to pass with Tcl/Tk 8.6.15.
    - Security
    - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
      consistently use the mapped IPv4 address value for deciding
      properties. Properties which have their behavior fixed are
      is_multicast, is_reserved, is_link_local, is_global, and
      is_unspecified.
    - Library
    - gh-116850: Fix argparse for namespaces with not directly
      writable dict (e.g. classes).
    - gh-58573: Fix conflicts between abbreviated long options in
      the parent parser and subparsers in argparse.
    - gh-61181: Fix support of choices with string value in
      argparse. Substrings of the specified string no longer
      considered valid values.
    - gh-80259: Fix argparse support of positional arguments with
      nargs='?', default=argparse.SUPPRESS and specified type.
    - gh-124498: Fix typing.TypeAliasType not to be generic, when
      type_params is an empty tuple.
    - gh-124345: argparse vim supports abbreviated single-dash
      long options separated by = from its value.
    - gh-104860: Fix disallowing abbreviation of single-dash long
      options in argparse with allow_abbrev=False.
    - gh-63143: Fix parsing mutually exclusive arguments in
      argparse. Arguments with the value identical to the default
      value (e.g. booleans, small integers, empty or 1-character
      strings) are no longer considered “not present”.
    - gh-72795: Positional arguments with nargs equal to '*' or
      argparse.REMAINDER are no longer required. This allows to
      use positional argument with nargs='*' and without default
      in mutually exclusive group and improves error message
      about required arguments.
    - gh-59317: Fix parsing positional argument with nargs equal
      to '?' or '*' if it is preceded by an option and another
      positional argument.
    - gh-53780: argparse now ignores the first "--" (double dash)
      between an option and command.
    - gh-124217: Add RFC 9637 reserved IPv6 block 3fff::/20 in
      ipaddress module.
    - gh-124248: Fixed potential crash when using struct to
      process zero-width ‘Pascal string’ fields (0p).
    - gh-81691: Fix handling of multiple "--" (double dashes)
      in argparse. Only the first one has now been removed, all
      subsequent ones are now taken literally.
    - gh-87041: Fix a bug in argparse where lengthy subparser
      argument help is incorrectly indented.
    - gh-124171: Add workaround for broken fmod() implementations
      on Windows, that loose zero sign (e.g. fmod(-10, 1) returns
      0.0). Patch by Sergey B Kirpichev.
    - gh-123934: Fix unittest.mock.MagicMock reseting magic
      methods return values after .reset_mock(return_value=True)
      was called.
    - gh-123935: Fix parent slots detection for dataclasses that
      inherit from classes with __dictoffset__.
    - gh-123892: Add "_wmi" to sys.stdlib_module_names. Patch by
      Victor Stinner.
    - gh-116810: Resolve a memory leak introduced in CPython
      3.10’s ssl when the ssl.SSLSocket.session property was
      accessed. Speeds up read and write access to said property
      by no longer unnecessarily cloning session objects via
      serialization.
    - gh-121735: When working with zip archives,
      importlib.resources now properly honors module-adjacent
      references (e.g. files(pkg.mod) and not just files(pkg)).
    - gh-119004: Fix a crash in OrderedDict.__eq__ when operands
      are mutated during the check. Patch by Bénédikt Tran.
    - bpo-44864: Do not translate user-provided strings in
      argparse.ArgumentParser.
    - IDLE
    - gh-112938: Fix uninteruptable hang when Shell gets rapid
      continuous output.
    - Core and Builtins
    - gh-116510: Fix a bug that can cause a crash when
      sub-interpreters use “basic” single-phase extension
      modules. Shared objects could refer to PyGC_Head nodes that
      had been freed as part of interpreter cleanup.
    - gh-124188: Fix reading and decoding a line from the source
      file witn non-UTF-8 encoding for syntax errors raised in
      the compiler.
    - gh-77894: Fix possible crash in the garbage collector when
      it tries to break a reference loop containing a memoryview
      object. Now a memoryview object can only be cleared if
      there are no buffers that refer it.
    - gh-98442: Fix too wide source locations of the cleanup
      instructions of a with statement.
    - gh-113993: Strings interned with sys.intern() are again
      garbage-collected when no longer used, as per the
      documentation. Strings interned with the C function
      PyUnicode_InternInPlace() are still immortal. Internals of
      the string interning mechanism have been changed. This may
      affect performance and identities of str objects.
    - C API
    - gh-113993: PyUnicode_InternInPlace() no longer prevents its
      argument from being garbage collected.
    - Several functions that take char * are now documented
      as possibly preventing string objects from being
      garbage collected; refer to their documentation
      for details: PyUnicode_InternFromString(),
      PyDict_SetItemString(), PyObject_SetAttrString(),
      PyObject_DelAttrString(), PyUnicode_InternFromString(), and
      PyModule_Add* convenience functions.
    - Build
    - gh-124487: Windows builds now use Windows 8.1 as their API
      baseline (installation already required Windows 8.1).
    - gh-123917: Fix the check for the crypt() function in the
      configure script. Patch by Paul Smith and Victor Stinner.
  - Change previous removal of *.pyc files with rm -f instead of
    ||/bin/true (bsc#1230906).
* Mon Sep 30 2024 Bernhard Wiedemann <[email protected]>
  - Drop .pyc files from docdir for reproducible builds
* Fri Sep 13 2024 Matej Cepl <[email protected]>
  - Add doc-py38-to-py36.patch making building documentation
    compatible with Python 3.6, which runs Sphinx on SLE.
* Sat Sep 07 2024 Matej Cepl <[email protected]>
  - Update to 3.12.6:
    - Tests
    - gh-101525: Skip test_gdb if the binary is relocated by
      BOLT. Patch by Donghee Na.
    - Security
    - gh-123678: Upgrade libexpat to 2.6.3
    - gh-121285: Remove backtracking from tarfile header parsing
      for hdrcharset, PAX, and GNU sparse headers (bsc#1230227,
      CVE-2024-6232).
    - Library
    - gh-123270: Applied a more surgical fix for malformed
      payloads in zipfile.Path causing infinite loops (gh-122905)
      without breaking contents using legitimate characters
      (bsc#1229704, CVE-2024-8088).
    - gh-123213: xml.etree.ElementTree.Element.extend() and
      Element assignment no longer hide the internal exception if
      an erronous generator is passed. Patch by Bar Harel.
    - gh-85110: Preserve relative path in URL without netloc in
      urllib.parse.urlunsplit() and urllib.parse.urlunparse().
    - gh-123067: Fix quadratic complexity in parsing "-quoted
      cookie values with backslashes by http.cookies
      (bsc#1229596, CVE-2024-7592)
    - gh-122903: zipfile.Path.glob now correctly matches
      directories instead of silently omitting them.
    - gh-122905: zipfile.Path objects now sanitize names from the
      zipfile.
    - gh-122695: Fixed double-free when using gc.get_referents()
      with a freed asyncio.Future iterator.
    - gh-116263: logging.handlers.RotatingFileHandler no longer
      rolls over empty log files.
    - gh-118814: Fix the typing.TypeVar constructor when name is
      passed by keyword.
    - gh-122478: Remove internal frames from tracebacks
      shown in code.InteractiveInterpreter with non-default
      sys.excepthook(). Save correct tracebacks in
      sys.last_traceback and update __traceback__ attribute of
      sys.last_value and sys.last_exc.
    - gh-113785: csv now correctly parses numeric fields (when
      used with csv.QUOTE_NONNUMERIC) which start with an escape
      character.
    - gh-112182: asyncio.futures.Future.set_exception() now
      transforms StopIteration into RuntimeError instead of
      hanging or other misbehavior. Patch contributed by Jamie
      Phan.
    - gh-108172: webbrowser honors OS preferred browser on Linux
      when its desktop entry name contains the text of a known
      browser name.
    - gh-102988: email.utils.getaddresses() and
      email.utils.parseaddr() now return ('', '') 2-tuples
      in more situations where invalid email addresses are
      encountered instead of potentially inaccurate values. Add
      optional strict parameter to these two functions: use
      strict=False to get the old behavior, accept malformed
      inputs. getattr(email.utils, 'supports_strict_parsing',
      False) can be use to check if the strict paramater is
      available. Patch by Thomas Dwyer and Victor Stinner to
      improve the CVE-2023-27043 fix.
    - gh-99437: runpy.run_path() now decodes path-like objects,
      making sure __file__ and sys.argv[0] of the module being
      run are always strings.
    - IDLE
    - gh-120083: Add explicit black IDLE Hovertip foreground
      color needed for recent macOS. Fixes Sonoma showing
      unreadable white on pale yellow. Patch by John Riggles.
    - Core and Builtins
    - gh-123321: Prevent Parser/myreadline race condition from
      segfaulting on multi-threaded use. Patch by Bar Harel and
      Amit Wienner.
    - gh-122982: Extend the deprecation period for bool inversion
      (~) by two years.
    - gh-123229: Fix valgrind warning by initializing the
      f-string buffers to 0 in the tokenizer. Patch by Pablo
      Galindo
    - gh-123142: Fix too-wide source location in exception
      tracebacks coming from broken iterables in comprehensions.
    - gh-123048: Fix a bug where pattern matching code could emit
      a JUMP_FORWARD with no source location.
    - gh-123083: Fix a potential use-after-free in
      STORE_ATTR_WITH_HINT.
    - gh-122527: Fix a crash that occurred when a
      PyStructSequence was deallocated after its type’s
      dictionary was cleared by the GC. The type’s tp_basicsize
      now accounts for non-sequence fields that aren’t included
      in the Py_SIZE of the sequence.
    - gh-93691: Fix source locations of instructions generated
      for with statements.
    - Build
    - gh-123297: Propagate the value of LDFLAGS to LDCXXSHARED in
      sysconfig. Patch by Pablo Galindo
  - Remove upstreamed patches:
    - CVE-2023-27043-email-parsing-errors.patch
    - CVE-2024-8088-inf-loop-zipfile_Path.patch
    - CVE-2023-6597-TempDir-cleaning-symlink.patch
    - gh120226-fix-sendfile-test-kernel-610.patch
* Mon Sep 02 2024 Matej Cepl <[email protected]>
  - Add gh120226-fix-sendfile-test-kernel-610.patch to avoid
    failing test_sendfile_close_peer_in_the_middle_of_receiving
    tests on Linux >= 6.10 (GH-120227).
* Wed Aug 28 2024 Matej Cepl <[email protected]>
  - Add CVE-2024-8088-inf-loop-zipfile_Path.patch to prevent
    malformed payload to cause infinite loops in zipfile.Path
    (bsc#1229704, CVE-2024-8088).
* Wed Aug 07 2024 Matej Cepl <[email protected]>
  - Update to 3.12.5:
    - Tests
    - gh-59022: Add tests for pkgutil.extend_path(). Patch by
      Andreas Stocker.
    - gh-99242: os.getloadavg() may throw OSError when
      running regression tests under certain conditions (e.g.
      chroot). This error is now caught and ignored, since
      reporting load average is optional.
    - gh-121084: Fix test_typing random leaks. Clear typing ABC
      caches when running tests for refleaks (-R option): call
      _abc_caches_clear() on typing abstract classes and their
      subclasses. Patch by Victor Stinner.
    - gh-121160: Add a test for
      readline.set_history_length(). Note that this test may fail
      on readline libraries.
    - gh-121200: Fix test_expanduser_pwd2() of
      test_posixpath. Call getpwnam() to get pw_dir, since it
      can be different than getpwall() pw_dir. Patch by Victor
      Stinner.
    - gh-121188: When creating the JUnit XML file, regrtest
      now escapes characters which are invalid in XML, such
      as the chr(27) control character used in ANSI escape
      sequences. Patch by Victor Stinner.
    - Security
    - gh-121957: Fixed missing audit events around interactive
      use of Python, now also properly firing for python -i, as
      well as for python -m asyncio. The event in question is
      cpython.run_stdin.
    - gh-122133: Authenticate the socket connection for the
      socket.socketpair() fallback on platforms where AF_UNIX is
      not available like Windows.
    - Patch by Gregory P. Smith <[email protected]> and Seth Larson
      <[email protected]>. Reported by Ellie <[email protected]>
    - Library
    - gh-122744: Bump the version of pip bundled in ensurepip to
      version 24.2.
    - gh-122334: Fix crash when importing ssl after the main
      interpreter restarts.
    - gh-87320: In code.InteractiveInterpreter, handle exceptions
      caused by calling a non-default sys.excepthook(). Before,
      the exception bubbled up to the caller, ending the REPL.
    - gh-122400: Handle ValueErrors raised by os.stat() in
      filecmp.dircmp and filecmp.cmpfiles(). Patch by Bénédikt
      Tran.
    - gh-122311: Fix some error messages in pickle.
    - gh-121650: email headers with embedded newlines are
      now quoted on output. The generator will now refuse to
      serialize (write) headers that are unsafely folded or
      delimited; see verify_generated_headers. (Contributed by
      Bas Bloemsaat and Petr Viktorin in gh-121650; bsc#1228780,
      CVE-2024-6923).
    - gh-122332: Fixed segfault with asyncio.Task.get_coro() when
      using an eager task factory.
    - gh-122170: Handle ValueErrors raised by os.stat() in
      linecache. Patch by Bénédikt Tran.
    - gh-121723: Make logging.config.dictConfig() accept any
      object implementing the Queue public API. See the queue
      configuration section for details. Patch by Bénédikt Tran.
    - gh-82951: Serializing objects with complex __qualname__
      (such as unbound methods and nested classes) by name no
      longer involves serializing parent objects by value in
      pickle protocols < 4.
    - gh-120930: Fixed a bug introduced by gh-92081 that added an
      incorrect extra blank to encoded words occurring in wrapped
      headers.
    - gh-121474: Fix missing sanity check for parties arg in
      threading.Barrier constructor. Patch by Clinton Christian
      (pygeek).
    - gh-121025: Improve the __repr__() of
      functools.partialmethod. Patch by Bénédikt Tran.
    - gh-121018: Fixed issues where
      argparse.ArgumentParser.parse_args() did not honor
      exit_on_error=False. Based on patch by Ben Hsing.
    - gh-119614: Fix truncation of strings with embedded null
      characters in some internal operations in tkinter.
    - gh-120910: When reading installed files from an egg, use
      relative_to(walk_up=True) to honor files installed outside
      of the installation root.
    - gh-101830: Accessing the tkinter object’s string
      representation no longer converts the underlying Tcl object
      to a string on Windows.
    - gh-120811: Fix possible memory leak in
      contextvars.Context.run().
    - gh-120769: Make empty line in pdb repeats the last command
      even when the command is from cmdqueue.
    - gh-120732: Fix name passing to unittest.mock.Mock object
      when using unittest.mock.create_autospec().
    - gh-120495: Fix incorrect exception handling in Tab
      Nanny. Patch by Wulian233.
    - gh-120343: Fix column offset reporting for tokens that come
      after multiline f-strings in the tokenize module.
    - gh-119600: Fix unittest.mock.patch() to not read attributes
      of the target when new_callable is set. Patch by Robert
      Collins.
    - gh-120289: Fixed the use-after-free issue in cProfile by
      disallowing disable() and clear() in external timers.
    - gh-114053: Fix edge-case bug where typing.get_type_hints()
      would produce incorrect results if type parameters in a
      class scope were overridden by assignments in a class scope
      and from __future__ import annotations semantics were
      enabled. Patch by Alex Waygood.
    - gh-114053: Fix erroneous NameError when calling
      inspect.get_annotations() with eval_str=True` on a class
      that made use of PEP 695 type parameters in a module that
      had from __future__ import annotations at the top of the
      file. Patch by Alex Waygood.
    - gh-120268: Prohibit passing None to pure-Python
      datetime.date.fromtimestamp() to achieve consistency with
      C-extension implementation.
    - gh-120244: Fix memory leak in re.sub() when the replacement
      string contains backreferences.
    - gh-120211: Fix tkinter.ttk with Tcl/Tk 9.0.
    - gh-71587: Fix crash in C version of
      datetime.datetime.strptime() when called again on the
      restarted interpreter.
    - gh-117983: Defer the threading import in importlib.util
      until lazy loading is used.
    - gh-119698: Fix symtable.Class.get_methods() and document
      its behaviour. Patch by Bénédikt Tran.
    - gh-120121: Add concurrent.futures.InvalidStateError to
      module’s __all__.
    - gh-112672: Support building tkinter with Tcl 9.0.
    - gh-65454: unittest.mock.Mock.attach_mock() no longer
      triggers a call to a PropertyMock being attached.
    - gh-81936: help() and showtopic() methods now respect a
      configured output argument to pydoc.Helper and not use the
      pager in such cases. Patch by Enrico Tröger.
    - gh-119577: The DeprecationWarning emitted when testing
      the truth value of an xml.etree.ElementTree.Element now
      describes unconditionally returning True in a future
      version rather than raising an exception in Python 3.14.
    - gh-119506: Fix io.TextIOWrapper.write() method breaks
      internal buffer when the method is called again during
      flushing internal buffer.
    - gh-119189: When using the ** operator or pow() with
      Fraction as the base and an exponent that is not rational,
      a float, or a complex, the fraction is no longer converted
      to a float.
    - gh-105623: Fix performance degradation in
      logging.handlers.RotatingFileHandler. Patch by Craig
      Robson.
    - bpo-39324: Add mime type mapping for .md <-> text/markdown
    - IDLE
    - gh-122482: Change About IDLE to direct users to
      discuss.python.org instead of the now unused idle-dev email
      and mailing list.
    - gh-78889: Stop Shell freezes by blocking user access to
      non-method sys.stdout.shell attributes, which are all
      private.
    - gh-120104: Fix padding in config and search dialog windows
      in IDLE.
    - Documentation
    - gh-121749: Fix documentation for PyModule_AddObjectRef().
    - gh-120012: Clarify the behaviours of
      multiprocessing.Queue.empty() and
      multiprocessing.SimpleQueue.empty() on closed queues. Patch
      by Bénédikt Tran.
    - gh-121871: Documentation HTML varies from timestamp. Patch by
      Bernhard M. Wiedemann (bsc#1227999).
    - Core and Builtins
    - gh-122208: Dictionary watchers now only deliver the
      PyDict_EVENT_ADDED event when the insertion is in a known
      good state to succeed.
    - gh-122300: Preserve AST nodes for f-string with
      single-element format specifiers. Patch by Pablo Galindo
    - gh-122029: Emit c_call events in sys.setprofile() when a
      PyMethodObject pointing to a PyCFunction is called.
    - gh-122026: Fix a bug that caused the tokenizer to not
      correctly identify mismatched parentheses inside f-strings
      in some situations. Patch by Pablo Galindo
    - gh-121657: Improve the SyntaxError message if the user
      tries to use yield from outside a function.
    - gh-117482: Unexpected slot wrappers are no longer created
      for builtin static types in subinterpreters.
    - gh-121439: Allow tuples of length 20 in the freelist to be
      reused.
    - gh-121130: Fix f-strings with debug expressions in format
      specifiers. Patch by Pablo Galindo
    - gh-120722: Correctly set the bytecode position on return
      instructions within lambdas. Patch by Jelle Zijlstra.
    - gh-120384: Fix an array out of bounds crash in
      list_ass_subscript, which could be invoked via some
      specificly tailored input: including concurrent
      modification of a list object, where one thread assigns a
      slice and another clears it.
    - gh-120380: Fix Python implementation of pickle.Pickler for
      bytes and bytearray objects when using protocol version
      5. Patch by Bénédikt Tran.
    - gh-93691: Fix source locations of instructions generated
      for the iterator of a for statement.
    - gh-120198: Fix a crash when multiple threads read and write
      to the same __class__ of an object concurrently.
    - gh-120298: Fix use-after free in list_richcompare_impl
      which can be invoked via some specificly tailored evil
      input.
    - gh-119666: Fix a compiler crash in the case where two
      comprehensions in class scope both reference __class__.
    - bpo-24766: Fix handling of doc argument to subclasses of
      property.
    - Build
    - gh-120671: Fix failing configure tests due to a missing
      space when appending to CFLAGS.
    - gh-115983: Skip building test modules that must be built as
      shared under WASI.
* Wed Aug 07 2024 Matej Cepl <[email protected]>
  - %{profileopt} variable is set according to the variable
    %{do_profiling} (bsc#1227999)
  - Update bluez-devel-vendor.tar.xz
* Mon Jul 22 2024 Matej Cepl <[email protected]>
  - Remove %suse_update_desktop_file macro as it is not useful any
    more.
* Thu Jul 04 2024 Matej Cepl <[email protected]>
  - Stop using %%defattr, it seems to be breaking proper executable
    attributes on /usr/bin/ scripts (bsc#1227378).
* Tue Jul 02 2024 Daniel Garcia <[email protected]>
  - Add F00251-change-user-install-location.patch to make pip and
    modern tools install directly in /usr/local when used by the user.
    bsc#1225660
* Wed Jun 26 2024 Matej Cepl <[email protected]>
  - Add docs-docutils_014-Sphinx_420.patch make building docs
    compatible with Sphinx 4_2_0 and docutils 0.14.
* Wed Jun 26 2024 Andreas Schwab <[email protected]>
  - Update import_failed.map for python 3.12
* Mon Jun 24 2024 Andreas Schwab <[email protected]>
  - Reenable test_multiprocessing_forkserver test_multiprocessing_spawn
    test_subprocess tests in qemu build
* Fri Jun 07 2024 Matej Cepl <[email protected]>
  - Update to 3.12.4:
    - Security
    - gh-118486: os.mkdir() on Windows now accepts mode of 0o700
      to restrict the new directory to the current user. This
      fixes CVE-2024-4030 affecting tempfile.mkdtemp() in
      scenarios where the base temporary directory is more
      permissive than the default (bsc#1227152).
    - gh-116741: Update bundled libexpat to 2.6.2
    - gh-117233: Detect BLAKE2, SHA3, Shake, & truncated SHA512
      support in the OpenSSL-ish libcrypto library at build
      time. This allows hashlib to be used with libraries that do
      not to support every algorithm that upstream OpenSSL does.
    - Core and Builtins
    - gh-119821: Fix execution of annotation scopes within
      classes when globals is set to a non-dict. Patch by Jelle
      Zijlstra.
    - gh-118263: Speed up os.path.normpath() with a direct C
      call.
    - gh-119311: Fix bug where names are unexpectedly mangled in
      the bases of generic classes.
    - gh-119395: Fix bug where names appearing after a generic
      class are mangled as if they are in the generic class.
    - gh-118507: Fix os.path.isfile() on Windows for pipes.
    - gh-119213: Non-builtin modules built with argument clinic
      were crashing if used in a subinterpreter before the main
      interpreter. The objects that were causing the problem by
      leaking between interpreters carelessly have been fixed.
    - gh-119011: Fixes type.__type_params__ to return an empty
      tuple instead of a descriptor.
    - gh-118997: Fix _Py_ClearImmortal() assertion: use
      _Py_IsImmortal() to tolerate reference count lower than
      _Py_IMMORTAL_REFCNT. Fix the assertion for the stable
      ABI, when a C extension is built with Python 3.11 or
      lower. Patch by Victor Stinner.
    - gh-118513: Fix incorrect UnboundLocalError when two
      comprehensions in the same function both reference the same
      name, and in one comprehension the name is bound while in
      the other it’s an implicit global.
    - gh-118164: Break a loop between the Python implementation
      of the decimal module and the Python code for integer
      to string conversion. Also optimize integer to string
      conversion for values in the range from 9_000 to 135_000
      decimal digits.
    - gh-118272: Fix bug where generator.close does not free the
      generator frame’s locals.
    - gh-116767: Fix crash in compiler on ‘async with’ that has
      many context managers.
    - gh-117894: Prevent agen.aclose() objects being re-used
      after .throw().
    - gh-117881: prevent concurrent access to an async generator
      via athrow().throw() or asend().throw()
    - gh-115874: Fixed a possible segfault during garbage
      collection of _asyncio.FutureIter objects
    - Library
    - gh-119819: Fix regression to allow logging configuration
      with multiprocessing queue types.
    - gh-89727: Fix issue with shutil.rmtree() where a
      RecursionError is raised on deep directory trees.
    - gh-89727: Partially fix issue with shutil.rmtree()
      where a RecursionError is raised on deep directory
      trees. A recursion error is no longer raised when
      rmtree.avoids_symlink_attacks is false.
    - gh-119118: Fix performance regression in the tokenize
      module by caching the line token attribute and calculating
      the column offset more efficiently.
    - gh-89727: Fix issue with os.fwalk() where a RecursionError
      was raised on deep directory trees by adjusting the
      implementation to be iterative instead of recursive.
    - gh-113892: Now, the method sock_connect of
      asyncio.ProactorEventLoop raises a ValueError if given
      socket is not in non-blocking mode, as well as in other
      loop implementations.
    - gh-119174: Fix high DPI causes turtledemo(turtle-graphics
      examples) windows blurry Patch by Wulian233 and Terry Jan
      Reedy
    - gh-118643: Fix an AttributeError in the email module
      when re-fold a long address list. Also fix more cases of
      incorrect encoding of the address separator in the address
      list.
    - gh-58933: Make pdb return to caller frame correctly when
      f_trace of the caller frame is not set
    - gh-118868: Fixed issue where kwargs were no longer passed
      to the logging handler QueueHandler
    - gh-118164: The Python implementation of the decimal
      module could appear to hang in relatively small power
      cases (like 2**117) if context precision was set to a
      very high value. A different method to check for exactly
      representable results is used now that doesn’t rely on
      computing 10**precision (which could be effectively too
      large to compute).
    - gh-118404: Fix inspect.signature() for non-comparable
      callables.
    - gh-118314: Fix an edge case in binascii.a2b_base64() strict
      mode, where excessive padding is not detected when no
      padding is necessary.
    - gh-118042: Fix an unraisable exception in
      telnetlib.Telnet.__del__() when the __init__() method was
      not called.
    - gh-118221: Fix a bug where sqlite3.iterdump() could fail if
      a custom row factory was used. Patch by Erlend Aasland.
    - gh-118013: Fix regression introduced in gh-103193 that
      meant that calling inspect.getattr_static() on an instance
      would cause a strong reference to that instance’s class to
      persist in an internal cache in the inspect module. This
      caused unexpected memory consumption if the class was
      dynamically created, the class held strong references to
      other objects which took up a significant amount of memory,
      and the cache contained the sole strong reference to the
      class. The fix for the regression leads to a slowdown
      in getattr_static(), but the function should still be
      significantly faster than it was in Python 3.11. Patch by
      Alex Waygood.
    - gh-90848: Fixed unittest.mock.create_autospec() to
      configure parent mock with keyword arguments.
    - gh-118168: Fix incorrect argument substitution when
      typing.Unpack is used with the builtin tuple. typing.Unpack
      now raises TypeError when used with certain invalid
      types. Patch by Jelle Zijlstra.
    - gh-118033: Fix dataclasses.dataclass() not creating a
      __weakref__ slot when subclassing typing.Generic.
    - gh-117535: Do not try to get the source line for made up
      file name “sys” in warnings.
    - gh-114053: Fix erroneous NameError when calling
      typing.get_type_hints() on a class that made use of PEP 695
      type parameters in a module that had from __future__ import
      annotations at the top of the file. Patch by Alex Waygood.
    - gh-117995: Don’t raise DeprecationWarning when a
      sequence of parameters is used to bind indexed, nameless
      placeholders. See also gh-100668.
    - gh-80361: Fix TypeError in
      email.message.Message.get_payload() when the charset is RFC
      2231 encoded.
    - gh-86650: Fix IndexError when parse some emails with
      invalid Message-ID (including one-off addresses generated
      by Microsoft Outlook).
    - gh-117691: Improve the error messages emitted by tarfile
      deprecation warnings relating to PEP 706. If a filter
      argument is not provided to extract() or extractall, the
      deprecation warning now points to the line in the user’s
      code where the relevant function was called. Patch by Alex
      Waygood.
    - gh-77102: site module now parses .pth file with UTF-8
      first, and locale encoding if UnicodeDecodeError
      happened. It supported only locale encoding before.
    - gh-117692: Fixes a bug when doctest.DocTestFinder was
      failing on wrapped builtin_function_or_method.
    - gh-117566: ipaddress.IPv6Address.is_loopback() will now
      return True for IPv4-mapped loopback addresses, i.e.
      addresses in the ::ffff:127.0.0.0/104 address space.
    - gh-117503: Fix support of non-ASCII user names in bytes
      paths in os.path.expanduser() on Posix.
    - gh-117313: Only treat '\n', '\r' and '\r\n' as line
      separators in re-folding the email messages. Preserve
      control characters '\v', '\f', '\x1c', '\x1d' and '\x1e'
      and Unicode line separators '\x85', '\u2028' and '\u2029'
      as is.
    - gh-113171 (bsc#1226448, CVE-2024-4032): Fixed various false
      positives and false negatives in
      ipaddress.IPv4Address.is_private (see these docs for details)
      ipaddress.IPv4Address.is_global
      ipaddress.IPv6Address.is_private
      ipaddress.IPv6Address.is_global
      Also in the corresponding ipaddress.IPv4Network and
      ipaddress.IPv6Network attributes.
    - gh-103956: Fix lack of newline characters in trace module
      output when line tracing is enabled but source code line
      for current frame is not available.
    - gh-92081: Fix missing spaces in email headers when the
      spaces are mixed with encoded 8-bit characters.
    - gh-103194: Prepare Tkinter for C API changes in Tcl 8.7/9.0
      to avoid _tkinter.Tcl_Obj being unexpectedly returned
      instead of bool, str, bytearray, or int.
    - gh-87106: Fixed handling in inspect.Signature.bind() of
      keyword arguments having the same name as positional-only
      arguments when a variadic keyword argument (e.g. **kwargs)
      is present.
    - bpo-45767: Fix integer conversion in os.major(),
      os.minor(), and os.makedev(). Support device numbers larger
      than 2**63-1. Support non-existent device number (NODEV).
    - bpo-40943: Fix several IndexError when parse emails with
      truncated Message-ID, address, routes, etc, e.g. example@.
    - bpo-30988: Fix parsing of emails with invalid address
      headers having a leading or trailing dot. Patch by tsufeki.
    - gh-67693: Fix urllib.parse.urlunparse() and
      urllib.parse.urlunsplit() for URIs with path starting with
      multiple slashes and no authority. Based on patch by Ashwin
      Ramaswami.
    - bpo-15010: unittest.TestLoader.discover() now saves the
      original value of unittest.TestLoader._top_level_dir and
      restores it at the end of the call.
    - Documentation
    - gh-117928: The minimum Sphinx version required for the
      documentation is now 6.2.1.
    - gh-91565: Changes to documentation files and config
      outputs to reflect the new location for reporting bugs -
      i.e. GitHub rather than bugs.python.org.
    - Tests
    - gh-119050: regrtest test runner: Add XML support to the
      refleak checker (-R option). Patch by Victor Stinner.
    - IDLE
    - bpo-34774: Use user-selected color theme for Help => IDLE
      Doc.
    - C API
    - gh-119585: Fix crash when a thread state that was
      created by PyGILState_Ensure() calls a destructor that
      during PyThreadState_Clear() that calls back into
      PyGILState_Ensure() and PyGILState_Release(). This
      might occur when in the free-threaded build or when
      using thread-local variables whose destructors call
      PyGILState_Ensure().
    - gh-117534: Improve validation logic in the C implementation
      of datetime.fromisoformat() to better handle invalid
      years. Patch by Vlad Efanov.
  - Updated patches:
    - CVE-2023-6597-TempDir-cleaning-symlink.patch
    - bpo-31046_ensurepip_honours_prefix.patch
    - fix_configure_rst.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
    - subprocess-raise-timeout.patch
* Mon Apr 15 2024 Daniel Garcia <[email protected]>
  - Add CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to fix tests with
    patched libexpat below 2.6.0 that doesn't update the version number,
    just in 15.6.
  - Drop libexpat260.patch, not needed anymore. This patch is merged
    with the CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch to keep
    working on 15.6.
  - Add fix-test-recursion-limit-15.6.patch, gh#python/cpython#115083.
* Wed Apr 10 2024 Matej Cepl <[email protected]>
  - Update to 3.12.3:
    - Security
    - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
      (CVE-2023-52425, bsc#1219559) by adding five new methods:
      xml.etree.ElementTree.XMLParser.flush()
      xml.etree.ElementTree.XMLPullParser.flush()
      xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
      xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
      xml.sax.expatreader.ExpatParser.flush()
    - gh-115399: Update bundled libexpat to 2.6.0 (bsc#1222075)
    - gh-115243: Fix possible crashes in
      collections.deque.index() when the deque is concurrently
      modified.
    - gh-114572: ssl.SSLContext.cert_store_stats() and
      ssl.SSLContext.get_ca_certs() now correctly lock access to
      the certificate store, when the ssl.SSLContext is shared
      across multiple threads (bsc#1226447, CVE-2024-0397).
    - Core and Builtins
    - gh-109120: Added handle of incorrect star expressions, e.g
      f(3, *). Patch by Grigoryev Semyon
    - gh-99108: Updated the hashlib built-in HACL* project C code
      from upstream that we use for many implementations when
      they are not present via OpenSSL in a given build. This
      also avoids the rare potential for a C symbol name one
      definition rule linking issue.
    - gh-116735: For INSTRUMENTED_CALL_FUNCTION_EX, set arg0 to
      sys.monitoring.MISSING instead of None for CALL event.
    - gh-113964: Starting new threads and process creation
      through os.fork() are now only prevented once all
      non-daemon threads exit.
    - gh-116604: Respect the status of the garbage collector when
      indirect calls are made via PyErr_CheckSignals() and the
      evaluation breaker. Patch by Pablo Galindo
    - gh-116626: Ensure INSTRUMENTED_CALL_FUNCTION_EX always
      emits CALL
    - gh-116296: Fix possible refleak in object.__reduce__()
      internal error handling.
    - gh-116034: Fix location of the error on a failed assertion.
    - gh-115823: Properly calculate error ranges in the parser
      when raising SyntaxError exceptions caused by invalid byte
      sequences. Patch by Pablo Galindo
    - gh-112087: For an empty reverse iterator for list will be
      reduced to reversed(). Patch by Donghee Na.
    - gh-115154: Fix a bug that was causing the
      tokenize.untokenize() function to handle unicode named
      literals incorrectly. Patch by Pablo Galindo
    - gh-114828: Fix compilation crashes in uncommon code
      examples using super() inside a comprehension in a class
      body.
    - gh-115011: Setters for members with an unsigned integer
      type now support the same range of valid values for objects
      that has a __index__() method as for int.
    - gh-112215: Change the C recursion limits to more closely
      reflect the underlying platform limits.
    - gh-96497: Fix incorrect resolution of mangled class
      variables used in assignment expressions in comprehensions.
    - Library
    - gh-117467: Preserve mailbox ownership when rewriting in
      mailbox.mbox.flush(). Patch by Tony Mountifield.
    - gh-117310: Fixed an unlikely early & extra Py_DECREF
      triggered crash in ssl when creating a new _ssl._SSLContext
      if CPython was built implausibly such that the
      default cipher list is empty or the SSL library it
      was linked against reports a failure from its C
      SSL_CTX_set_cipher_list() API.
    - gh-117178: Fix regression in lazy loading of
      self-referential modules, introduced in gh-114781.
    - gh-117084: Fix zipfile extraction for directory entries
      with the name containing backslashes on Windows.
    - gh-117110: Fix a bug that prevents subclasses of typing.Any
      to be instantiated with arguments. Patch by Chris Fu.
    - gh-90872: On Windows, subprocess.Popen.wait() no longer
      calls WaitForSingleObject() with a negative timeout: pass 0
      ms if the timeout is negative. Patch by Victor Stinner.
    - gh-116957: configparser: Don’t leave ConfigParser values
      in an invalid state (stored as a list instead of a str)
      after an earlier read raised DuplicateSectionError or
      DuplicateOptionError.
    - gh-90095: Ignore empty lines and comments in .pdbrc
    - gh-116764: Restore support of None and other false values
      in urllib.parse functions parse_qs() and parse_qsl(). Also,
      they now raise a TypeError for non-zero integers and
      non-empty sequences.
    - gh-116811: In PathFinder.invalidate_caches, delegate to
      MetadataPathFinder.invalidate_caches.
    - gh-116600: Fix repr() for global Flag members.
    - gh-116484: Change automatically generated
      tkinter.Checkbutton widget names to avoid collisions with
      automatically generated tkinter.ttk.Checkbutton widget
      names within the same parent widget.
    - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
      opening named pipe.
    - gh-116143: Fix a race in pydoc _start_server, eliminating a
      window in which _start_server can return a thread that is
      “serving” but without a docserver set.
    - gh-116325: typing: raise SyntaxError instead of
      AttributeError on forward references as empty strings.
    - gh-90535: Fix support of interval values > 1 in
      logging.TimedRotatingFileHandler for when='MIDNIGHT' and
      when='Wx'.
    - gh-115978: Disable preadv(), readv(), pwritev(), and
      writev() on WASI.
    - Under wasmtime for WASI 0.2, these
      functions don’t pass test_posix
      (https://github.com/bytecodealliance/wasmtime/issues/7830).
    - gh-88352: Fix the computation of the next rollover
      time in the logging.TimedRotatingFileHandler handler.
      computeRollover() now always returns a timestamp larger
      than the specified time and works correctly during the DST
      change. doRollover() no longer overwrite the already rolled
      over file, saving from data loss when run at midnight or
      during repeated time at the DST change.
    - gh-87115: Set __main__.__spec__ to None when running a
      script with pdb
    - gh-76511: Fix UnicodeEncodeError in
      email.Message.as_string() that results when a message
      that claims to be in the ascii character set actually has
      non-ascii characters. Non-ascii characters are now replaced
      with the U+FFFD replacement character, like in the replace
      error handler.
    - gh-116040: [Enum] fix by-value calls when second value is
      falsey; e.g. Cardinal(1, 0)
    - gh-75988: Fixed unittest.mock.create_autospec() to pass
      the call through to the wrapped object to return the real
      result.
    - gh-115881: Fix issue where ast.parse() would incorrectly
      flag conditional context managers (such as with (x() if y
      else z()): ...) as invalid syntax if feature_version=(3,
      8) was passed. This reverts changes to the grammar made as
      part of gh-94949.
    - gh-115886: Fix silent truncation of the
      name with an embedded null character in
      multiprocessing.shared_memory.SharedMemory.
    - gh-115809: Improve algorithm for computing
      which rolled-over log files to delete in
      logging.TimedRotatingFileHandler. It is now reliable for
      handlers without namer and with arbitrary deterministic
      namer that leaves the datetime part in the file name
      unmodified.
    - gh-74668: urllib.parse functions parse_qs() and
      parse_qsl() now support bytes arguments containing raw and
      percent-encoded non-ASCII data.
    - gh-67044: csv.writer() now always quotes or escapes '\r'
      and '\n', regardless of lineterminator value.
    - gh-115712: csv.writer() now quotes empty fields if
      delimiter is a space and skipinitialspace is true and
      raises exception if quoting is not possible.
    - gh-112364: Fixed ast.unparse() to handle format_spec with
      ", ' or \\. Patched by Frank Hoffmann.
    - gh-111358: Fix a bug in
      asyncio.BaseEventLoop.shutdown_default_executor() to ensure
      the timeout passed to the coroutine behaves as expected.
    - gh-115618: Fix improper decreasing the reference count for
      None argument in property methods getter(), setter() and
      deleter().
    - gh-115570: A DeprecationWarning is no longer omitted
      on access to the __doc__ attributes of the deprecated
      typing.io and typing.re pseudo-modules.
    - gh-112006: Fix inspect.unwrap() for types with the
      __wrapper__ data descriptor.
    - gh-101293: Support callables with the __call__() method
      and types with __new__() and __init__() methods set to
      class methods, static methods, bound methods, partial
      functions, and other types of methods and descriptors in
      inspect.Signature.from_callable().
    - gh-115392: Fix a bug in doctest where incorrect line
      numbers would be reported for decorated functions.
    - gh-114563: Fix several format() bugs when using the C
      implementation of Decimal: * memory leak in some rare
      cases when using the z format option (coerce negative 0) *
      incorrect output when applying the z format option to type
      F (fixed-point with capital NAN / INF) * incorrect output
      when applying the # format option (alternate form)
    - gh-115197: urllib.request no longer resolves the hostname
      before checking it against the system’s proxy bypass list
      on macOS and Windows.
    - gh-115165: Most exceptions are now ignored when attempting
      to set the __orig_class__ attribute on objects returned
      when calling typing generic aliases (including generic
      aliases created using typing.Annotated). Previously only
      AttributeError was ignored. Patch by Dave Shawley.
    - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
    - gh-115059: io.BufferedRandom.read1() now flushes the
      underlying write buffer.
    - gh-79382: Trailing ** no longer allows to match files and
      non-existing paths in recursive glob().
    - gh-114071: Support tuple subclasses using auto() for enum
      member value.
    - gh-114763: Protect modules loaded with
      importlib.util.LazyLoader from race conditions when
      multiple threads try to access attributes before the
      loading is complete.
    - gh-97959: Fix rendering class methods, bound methods,
      method and function aliases in pydoc. Class methods
      no longer have “method of builtins.type instance”
      note. Corresponding notes are now added for class and
      unbound methods. Method and function aliases now have
      references to the module or the class where the origin
      was defined if it differs from the current. Bound methods
      are now listed in the static methods section. Methods of
      builtin classes are now supported as well as methods of
      Python classes.
    - gh-112281: Allow creating union of types for
      typing.Annotated with unhashable metadata.
    - gh-111775: Fix
      importlib.resources.simple.ResourceHandle.open() for text
      mode, added missed stream argument.
    - gh-90095: Make .pdbrc and -c work with any valid pdb
      commands.
    - gh-107155: Fix incorrect output of help(x) where x is a
      lambda function, which has an __annotations__ dictionary
      attribute with a "return" key.
    - gh-105866: Fixed _get_slots bug which caused error when
      defining dataclasses with slots and a weakref_slot.
    - gh-60346: Fix ArgumentParser inconsistent with
      parse_known_args.
    - gh-100985: Update HTTPSConnection to consistently wrap IPv6
      Addresses when using a proxy.
    - gh-100884: email: fix misfolding of comma in address-lists
      over multiple lines in combination with unicode encoding.
    - gh-95782: Fix io.BufferedReader.tell(),
      io.BufferedReader.seek(), _pyio.BufferedReader.tell(),
      io.BufferedRandom.tell(), io.BufferedRandom.seek() and
      _pyio.BufferedRandom.tell() being able to return negative
      offsets.
    - gh-96310: Fix a traceback in argparse when all options in a
      mutually exclusive group are suppressed.
    - gh-93205: Fixed a bug in
      logging.handlers.TimedRotatingFileHandler where multiple
      rotating handler instances pointing to files with the same
      name but different extensions would conflict and not delete
      the correct files.
    - bpo-44865: Add missing call to localization function in
      argparse.
    - bpo-43952: Fix multiprocessing.connection.Listener.accept()
      to accept empty bytes as authkey. Not accepting empty bytes
      as key causes it to hang indefinitely.
    - bpo-42125: linecache: get module name from __spec__ if
      available. This allows getting source code for the __main__
      module when a custom loader is used.
    - gh-66543: Make mimetypes.guess_type() properly parsing
      of URLs with only a host name, URLs containing fragment
      or query, and filenames with only a UNC sharepoint on
      Windows. Based on patch by Dong-hee Na.
    - bpo-33775: Add ‘default’ and ‘version’ help text for
      localization in argparse.
    - Documentation
    - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under
      “XML vulnerabilities”.
    - gh-115233: Fix an example for LoggerAdapter in the Logging
      Cookbook.
    - Tests
    - gh-83434: Disable JUnit XML output (--junit-xml=FILE
      command line option) in regrtest when hunting for reference
      leaks (-R option). Patch by Victor Stinner.
    - gh-117187: Fix XML tests for vanilla Expat <2.6.0.
    - gh-116333: Tests of TLS related things (error codes, etc)
      were updated to be more lenient about specific error
      message strings and behaviors as seen in the BoringSSL and
      AWS-LC forks of OpenSSL.
    - gh-115979: Update test_importlib so that it passes under
      WASI SDK 21.
    - gh-112536: Add –tsan to test.regrtest for running TSAN
      tests in reasonable execution times. Patch by Donghee Na.
    - gh-116307: Added import helper isolated_modules as
      CleanImport does not remove modules imported during the
      context. Use it in importlib.resources tests to avoid
      leaving mod around to impede importlib.metadata tests.
    - gh-115720: Leak tests (-R, --huntrleaks) now show a summary
      of the number of leaks found in each iteration.
    - gh-115122: Add --bisect option to regrtest test runner:
      run failed tests with test.bisect_cmd to identify failing
      tests. Patch by Victor Stinner.
    - gh-115596: Fix ProgramPriorityTests in test_os permanently
      changing the process priority.
    - Build
    - gh-116313: Get WASI builds to work under wasmtime 18 w/
      WASI 0.2/preview2 primitives.
    - gh-116117: Backport libb2’s PR #42 to fix compiling CPython
      on 32-bit Windows with clang-cl.
    - gh-115167: Avoid vendoring vcruntime140_threads.dll when
      building with Visual Studio 2022 version 17.8.
    - gh-112536: Add support for thread sanitizer (TSAN)
    - Windows
    - gh-117267: Ensure DirEntry.stat().st_ctime behaves
      consistently with os.stat() during the deprecation
      period of st_ctime by containing the same value as
      st_birthtime. After the deprecation period, st_ctime
      will be the metadata change time (or unavailable through
      DirEntry), and only st_birthtime will contain the creation
      time.
    - gh-116773: Fix instances of <_overlapped.Overlapped object
      at 0xXXX> still has pending operation at deallocation, the
      process may crash.
    - gh-91227: Fix the asyncio ProactorEventLoop implementation
      so that sending a datagram to an address that is not
      listening does not prevent receiving any more datagrams.
    - gh-115554: The installer now has more strict rules about
      updating the Python Launcher for Windows. In general, most
      users only have a single launcher installed and will see no
      difference. When multiple launchers have been installed,
      the option to install the launcher is disabled until all
      but one have been removed. Downgrading the launcher (which
      was never allowed) is now more obviously blocked.
    - gh-115543: Python Launcher for Windows can now
      detect Python 3.13 when installed from the Microsoft
      Store, and will install Python 3.12 by default when
      PYLAUNCHER_ALLOW_INSTALL is set.
    - gh-115049: Fixes py.exe launcher failing when run as users
      without user profiles.
    - gh-115009: Update Windows installer to use SQLite 3.45.1.
    - IDLE
    - gh-88516: On macOS show a proxy icon in the title bar of
      editor windows to match platform behaviour.
    - Tools/Demos
    - gh-113516: Don’t set LDSHARED when building for WASI.
    - C API
    - gh-117021: Fix integer overflow in PyLong_AsPid() on
      non-Windows 64-bit platforms.
    - gh-116869: Make the C API compatible with
    - Werror=declaration-after-statement compiler flag
      again. Patch by Victor Stinner.
* Wed Mar 06 2024 Pedro Monreal <[email protected]>
  - Use the system-wide crypto-policies [bsc#1211301]
    * Use the system default cipher list instead of hardcoded values
    * Add the --with-ssl-default-suites=openssl configure option
* Fri Feb 23 2024 Matej Cepl <[email protected]>
  - (bsc#1219666, CVE-2023-6597) Add
    CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
    gh#python/cpython!99930) fixing symlink bug in cleanup of
    tempfile.TemporaryDirectory.
* Tue Feb 20 2024 Matej Cepl <[email protected]>
  - Switch to %%autopatch. Let’s try it as an experiment, and if we
    need conditional patch, we should put condition inside of it.
  - Remove double definition of /usr/bin/idle%%{version} in
    %%files.
* Thu Feb 15 2024 Daniel Garcia <[email protected]>
  - Add upstream patch libexpat260.patch, Fix tests for XMLPullParser
    with Expat 2.6.0, gh#python/cpython#115288
* Mon Feb 12 2024 Matej Cepl <[email protected]>
  - (bsc#1210638, CVE-2023-27043) Add
    CVE-2023-27043-email-parsing-errors.patch, which rejects
    malformed addresses in email.parseaddr() (gh#python/cpython!111116)
    Detect email address parsing errors and return empty tuple to
    indicate the parsing error (old API). Add an optional 'strict'
    parameter to getaddresses() and parseaddr() functions. Patch by
    Thomas Dwyer.
* Thu Feb 08 2024 Daniel Garcia <[email protected]>
  - Update to 3.12.2:
    - Security
    - gh-113659: Skip .pth files with names starting with a dot or
      hidden file attribute.
    - Core and Builtins
    - gh-114887: Changed socket type validation in
      create_datagram_endpoint() to accept all non-stream sockets.
      This fixes a regression in compatibility with raw sockets.
    - gh-114388: Fix a RuntimeWarning emitted when assign an
      integer-like value that is not an instance of int to an
      attribute that corresponds to a C struct member of type T_UINT
      and T_ULONG. Fix a double RuntimeWarning emitted when assign a
      negative integer value to an attribute that corresponds to a C
      struct member of type T_UINT.
    - gh-113703: Fix a regression in the codeop module that was
      causing it to incorrectly identify incomplete f-strings. Patch
      by Pablo Galindo
    - gh-89811: Check for a valid tp_version_tag before performing
      bytecode specializations that rely on this value being usable.
    - gh-113602: Fix an error that was causing the parser to try to
      overwrite existing errors and crashing in the process. Patch by
      Pablo Galindo
    - gh-113297: Fix segfault in the compiler on with statement with
      19 context managers.
    - gh-106905: Use per AST-parser state rather than global state to
      track recursion depth within the AST parser to prevent potential
      race condition due to simultaneous parsing.
    - The issue primarily showed up in 3.11 by multithreaded users of
      ast.parse(). In 3.12 a change to when garbage collection can be
      triggered prevented the race condition from occurring.
    - gh-112943: Correctly compute end column offsets for multiline
      tokens in the tokenize module. Patch by Pablo Galindo
    - gh-112716: Fix SystemError in the import statement and in
      __reduce__() methods of builtin types when __builtins__ is not a
      dict.
    - gh-94606: Fix UnicodeEncodeError when
      email.message.get_payload() reads a message with a Unicode
      surrogate character and the message content is not well-formed
      for surrogateescape encoding. Patch by Sidney Markowitz.
    - Library
    - gh-114965: Update bundled pip to 24.0
    - gh-114959: tarfile no longer ignores errors when trying to
      extract a directory on top of a file.
    - gh-109475: Fix support of explicit option value “–” in argparse
      (e.g. --option=--).
    - gh-110190: Fix ctypes structs with array on Windows ARM64
      platform by setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by
      Diego Russo
    - gh-113280: Fix a leak of open socket in rare cases when error
      occurred in ssl.SSLSocket creation.
    - gh-77749: email.policy.EmailPolicy.fold() now always encodes
      non-ASCII characters in headers if utf8 is false.
    - gh-114492: Make the result of termios.tcgetattr() reproducible
      on Alpine Linux. Previously it could leave a random garbage in
      some fields.
    - gh-113267: Revert changes in gh-106584 which made calls of
      TestResult methods startTest() and stopTest() unbalanced.
    - gh-75128: Ignore an OSError in
      asyncio.BaseEventLoop.create_server() when IPv6 is available but
      the interface cannot actually support it.
    - gh-114257: Dismiss the FileNotFound error in
      ctypes.util.find_library() and just return None on Linux.
    - gh-114328: The tty.setcbreak() and new tty.cfmakecbreak() no
      longer clears the terminal input ICRLF flag. This fixes a
      regression introduced in 3.12 that no longer matched how OSes
      define cbreak mode in their stty(1) manual pages.
    - gh-101438: Avoid reference cycle in ElementTree.iterparse. The
      iterator returned by ElementTree.iterparse may hold on to a file
      descriptor. The reference cycle prevented prompt clean-up of the
      file descriptor if the returned iterator was not exhausted.
    - gh-104522: OSError raised when run a subprocess now only has
      filename attribute set to cwd if the error was caused by a
      failed attempt to change the current directory.
    - gh-114149: Enum: correctly handle tuple subclasses in custom
      __new__.
    - gh-109534: Fix a reference leak in
      asyncio.selector_events.BaseSelectorEventLoop when SSL
      handshakes fail. Patch contributed by Jamie Phan.
    - gh-114077: Fix possible OverflowError in
      socket.socket.sendfile() when pass count larger than 2 GiB on
      32-bit platform.
    - gh-114014: Fixed a bug in fractions.Fraction where an invalid
      string using d in the decimals part creates a different error
      compared to other invalid letters/characters. Patch by Jeremiah
      Gabriel Pascual.
    - gh-113951: Fix the behavior of tag_unbind() methods of
      tkinter.Text and tkinter.Canvas classes with three arguments.
      Previously, widget.tag_unbind(tag, sequence, funcid) destroyed
      the current binding for sequence, leaving sequence unbound, and
      deleted the funcid command. Now it removes only funcid from the
      binding for sequence, keeping other commands, and deletes the
      funcid command. It leaves sequence unbound only if funcid was
      the last bound command.
    - gh-113877: Fix tkinter method winfo_pathname() on 64-bit
      Windows.
    - gh-113661: unittest runner: Don’t exit 5 if tests were skipped.
      The intention of exiting 5 was to detect issues where the test
      suite wasn’t discovered at all. If we skipped tests, it was
      correctly discovered.
    - gh-113781: Silence unraisable AttributeError when warnings are
      emitted during Python finalization.
    - gh-112932: Restore the ability for zipfile to extractall from
      zip files with a “/” directory entry in them as is commonly
      added to zips by some wiki or bug tracker data exporters.
    - gh-113594: Fix UnicodeEncodeError in email when re-fold lines
      that contain unknown-8bit encoded part followed by
      non-unknown-8bit encoded part.
    - gh-113538: In asyncio.StreamReaderProtocol.connection_made(),
      there is callback that logs an error if the task wrapping the
      “connected callback” fails. This callback would itself fail if
      the task was cancelled. Prevent this by checking whether the
      task was cancelled first. If so, close the transport but don’t
      log an error.
    - gh-85567: Fix resource warnings for unclosed files in pickle and
      pickletools command line interfaces.
    - gh-101225: Increase the backlog for
      multiprocessing.connection.Listener objects created by
      multiprocessing.manager and multiprocessing.resource_sharer to
      significantly reduce the risk of getting a connection refused
      error when creating a multiprocessing.connection.Connection to
      them.
    - gh-113543: Make sure that webbrowser.MacOSXOSAScript sends
      webbrowser.open audit event.
    - gh-113028: When a second reference to a string appears in the
      input to pickle, and the Python implementation is in use, we are
      guaranteed that a single copy gets pickled and a single object
      is shared when reloaded. Previously, in protocol 0, when a
      string contained certain characters (e.g. newline) it resulted
      in duplicate objects.
    - gh-113421: Fix multiprocessing logger for %(filename)s.
    - gh-111784: Fix segfaults in the _elementtree module. Fix first
      segfault during deallocation of _elementtree.XMLParser instances
      by keeping strong reference to pyexpat module in module state
      for capsule lifetime. Fix second segfault which happens in the
      same deallocation process by keeping strong reference to
      _elementtree module in XMLParser structure for _elementtree
      module lifetime.
    - gh-113407: Fix import of unittest.mock when CPython is built
      without docstrings.
    - gh-113320: Fix regression in Python 3.12 where Protocol classes
      that were not marked as runtime-checkable would be unnecessarily
      introspected, potentially causing exceptions to be raised if the
      protocol had problematic members. Patch by Alex Waygood.
    - gh-113358: Fix rendering tracebacks for exceptions with a broken
      __getattr__.
    - gh-113214: Fix an AttributeError during asyncio SSL protocol
      aborts in SSL-over-SSL scenarios.
    - gh-113246: Update bundled pip to 23.3.2.
    - gh-113199: Make http.client.HTTPResponse.read1 and
      http.client.HTTPResponse.readline close IO after reading all
      data when content length is known. Patch by Illia Volochii.
    - gh-113188: Fix shutil.copymode() and shutil.copystat() on
      Windows. Previously they worked differenly if dst is a symbolic
      link: they modified the permission bits of dst itself rather
      than the file it points to if follow_symlinks is true or src is
      not a symbolic link, and did not modify the permission bits if
      follow_symlinks is false and src is a symbolic link.
    - gh-61648: Detect line numbers of properties in doctests.
    - gh-112559: signal.signal() and signal.getsignal() no longer call
      repr on callable handlers. asyncio.run() and
      asyncio.Runner.run() no longer call repr on the task results.
      Patch by Yilei Yang.
    - gh-110190: Fix ctypes structs with array on PPC64LE platform by
      setting MAX_STRUCT_SIZE to 64 in stgdict. Patch by Diego Russo.
    - gh-79429: Ignore FileNotFoundError when remove a temporary
      directory in the multiprocessing finalizer.
    - gh-81194: Fix a crash in socket.if_indextoname() with specific
      value (UINT_MAX). Fix an integer overflow in
      socket.if_indextoname() on 64-bit non-Windows platforms.
    - gh-112343: Improve handling of pdb convenience variables to
      avoid replacing string contents.
    - gh-111615: Fix a regression caused by a fix to gh-93162 whereby
      you couldn’t configure a QueueHandler without specifying
      handlers.
    - gh-111049: Fix crash during garbage collection of the io.BytesIO
      buffer object.
    - gh-110345: Show the Tcl/Tk patchlevel (rather than version) in
      tkinter._test().
    - gh-109858: Protect zipfile from “quoted-overlap” zipbomb. It now
      raises BadZipFile when try to read an entry that overlaps with
      other entry or central directory.
    - gh-114440: On Windows, closing the connection writer when
      cleaning up a broken multiprocessing.Queue queue is now done for
      all queues, rather than only in concurrent.futures manager
      thread. This can prevent a deadlock when a multiprocessing
      worker process terminates without cleaning up. This completes
      the backport of patches by Victor Stinner and Serhiy Storchaka.
    - gh-38807: Fix race condition in trace. Instead of checking if a
      directory exists and creating it, directly call os.makedirs()
      with the kwarg exist_ok=True.
    - gh-75705: Set unixfrom envelope in mailbox.mbox and
      mailbox.MMDF.
    - gh-106233: Fix stacklevel in InvalidTZPathWarning during
      zoneinfo module import.
    - gh-105102: Allow ctypes.Union to be nested in ctypes.Structure
      when the system endianness is the opposite of the classes.
    - gh-104282: Fix null pointer dereference in
      lzma._decode_filter_properties() due to improper handling of BCJ
      filters with properties of zero length. Patch by Radislav
      Chugunov.
    - gh-102512: When os.fork() is called from a foreign thread (aka
      _DummyThread), the type of the thread in a child process is
      changed to _MainThread. Also changed its name and daemonic
      status, it can be now joined.
    - bpo-35928: io.TextIOWrapper now correctly handles the decoding
      buffer after read() and write().
    - bpo-26791: shutil.move() now moves a symlink into a directory
      when that directory is the target of the symlink. This provides
      the same behavior as the mv shell command. The previous behavior
      raised an exception. Patch by Jeffrey Kintscher.
    - bpo-36959: Fix some error messages for invalid ISO format string
      combinations in strptime() that referred to directives not
      contained in the format string. Patch by Gordon P. Hemsley.
    - bpo-18060: Fixed a class inheritance issue that can cause
      segfaults when deriving two or more levels of subclasses from a
      base class of Structure or Union.
    - Documentation
    - gh-110746: Improved markup for valid options/values for methods
      ttk.treeview.column and ttk.treeview.heading, and for Layouts.
    - gh-95649: Document that the asyncio module contains code taken
      from v0.16.0 of the uvloop project, as well as the required MIT
      licensing information.
    - Tests
    - gh-109980: Fix test_tarfile_vs_tar in test_shutil for macOS,
      where system tar can include more information in the archive
      than shutil.make_archive.
    - gh-105089: Fix
      test.test_zipfile.test_core.TestWithDirectory.test_create_directory_with_write
      test in AIX by doing a bitwise AND of 0xFFFF on mode , so that
      it will be in sync with zinfo.external_attr
    - bpo-40648: Test modes that file can get with chmod() on Windows.
    - Build
    - gh-112305: Fixed the check-clean-src step performed on out of
      tree builds to detect errant $(srcdir)/Python/frozen_modules/*.h
      files and recommend appropriate source tree cleanup steps to get
      a working build again.
    - gh-112867: Fix the build for the case that
      WITH_PYMALLOC_RADIX_TREE=0 set.
    - bpo-11102: The os.major(), os.makedev(), and os.minor()
      functions are now available on HP-UX v3.
    - bpo-36351: Do not set ipv6type when cross-compiling.
    - IDLE
    - gh-96905: In idlelib code, stop redefining built-ins ‘dict’ and
      ‘object’.
    - gh-72284: Improve the lists of features, editor key bindings,
      and shell key bingings in the IDLE doc.
    - gh-113903: Fix rare failure of test.test_idle, in
      test_configdialog.
    - gh-113729: Fix the “Help -> IDLE Doc” menu bug in 3.11.7 and
      3.12.1.
    - gh-113269: Fix test_editor hang on macOS Catalina.
    - gh-112898: Fix processing unsaved files when quitting IDLE on
      macOS.
    - gh-103820: Revise IDLE bindings so that events from mouse button
      4/5 on non-X11 windowing systems (i.e. Win32 and Aqua) are not
      mistaken for scrolling.
    - bpo-13586: Enter the selected text when opening the “Replace”
      dialog.
    - Tools/Demos
    - gh-109991: Update GitHub CI workflows to use OpenSSL 3.0.13 and
      multissltests to use 1.1.1w, 3.0.13, 3.1.5, and 3.2.1.
    - gh-115015: Fix a bug in Argument Clinic that generated incorrect
      code for methods with no parameters that use the METH_METHOD |
      METH_FASTCALL | METH_KEYWORDS calling convention. Only the
      positional parameter count was checked; any keyword argument
      passed would be silently accepted.
  - Refresh patches:
    - bpo-31046_ensurepip_honours_prefix.patch
    - fix_configure_rst.patch
    - no-skipif-doctests.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
    - python-3.3.0b1-localpath.patch
    - python-3.3.0b1-test-posix_fadvise.patch
    - skip-test_pyobject_freed_is_freed.patch
    - subprocess-raise-timeout.patch
* Fri Dec 15 2023 Daniel Garcia <[email protected]>
  - Update patch fix_configure_rst.patch
  - Update to 3.12.1 (CVE-2023-6507, bsc#1217939):
    - Core and Builtins
    - gh-112125: Fix None.__ne__(None) returning NotImplemented
      instead of False
    - gh-112625: Fixes a bug where a bytearray object could be
      cleared while iterating over an argument in the
      bytearray.join() method that could result in reading memory
      after it was freed.
    - gh-105967: Workaround a bug in Apple’s macOS platform zlib
      library where zlib.crc32() and binascii.crc32() could produce
      incorrect results on multi-gigabyte inputs. Including when
      using zipfile on zips containing large data.
    - gh-112356: Stopped erroneously deleting a LOAD_NULL bytecode
      instruction when optimized twice.
    - gh-111058: Change coro.cr_frame/gen.gi_frame to return None
      after the coroutine/generator has been closed. This fixes a bug
      where getcoroutinestate() and getgeneratorstate() return the
      wrong state for a closed coroutine/generator.
    - gh-112388: Fix an error that was causing the parser to try to
      overwrite tokenizer errors. Patch by pablo Galindo
    - gh-112387: Fix error positions for decoded strings with
      backwards tokenize errors. Patch by Pablo Galindo
    - gh-112367: Avoid undefined behaviour when using the perf
      trampolines by not freeing the code arenas until shutdown.
      Patch by Pablo Galindo
    - gh-112243: Don’t include comments in f-string debug
      expressions. Patch by Pablo Galindo
    - gh-112266: Change docstrings of __dict__ and __weakref__.
    - gh-111654: Fix runtime crash when some error happens in opcode
      LOAD_FROM_DICT_OR_DEREF.
    - gh-109181: Speed up Traceback object creation by lazily compute
      the line number. Patch by Pablo Galindo
    - gh-102388: Fix a bug where iso2022_jp_3 and iso2022_jp_2004
      codecs read out of bounds
    - gh-111366: Fix an issue in the codeop that was causing
      SyntaxError exceptions raised in the presence of invalid syntax
      to not contain precise error messages. Patch by Pablo Galindo
    - gh-111380: Fix a bug that was causing SyntaxWarning to appear
      twice when parsing if invalid syntax is encountered later.
      Patch by Pablo galindo
    - gh-94438: Fix a regression that prevented jumping across is
      None and is not None when debugging. Patch by Savannah
      Ostrowski.
    - gh-110938: Fix error messages for indented blocks with
      functions and classes with generic type parameters. Patch by
      Pablo Galindo
    - gh-109894: Fixed crash due to improperly initialized static
      MemoryError in subinterpreter.
    - gh-110782: Fix crash when typing.TypeVar is constructed with a
      keyword argument. Patch by Jelle Zijlstra.
    - gh-110696: Fix incorrect error message for invalid argument
      unpacking. Patch by Pablo Galindo
    - gh-110543: Fix regression in Python 3.12 where
      types.CodeType.replace() would produce a broken code object if
      called on a module or class code object that contains a
      comprehension. Patch by Jelle Zijlstra.
    - gh-110514: Add PY_THROW to sys.setprofile() events
    - gh-110455: Guard assert(tstate->thread_id > 0) with #ifndef
      HAVE_PTHREAD_STUBS. This allows for for pydebug builds to work
      under WASI which (currently) lacks thread support.
    - gh-110259: Correctly identify the format spec in f-strings
      (with single or triple quotes) that have multiple lines in the
      expression part and include a formatting spec. Patch by Pablo
      Galindo
    - gh-110237: Fix missing error checks for calls to PyList_Append
      in _PyEval_MatchClass.
    - gh-109889: Fix the compiler’s redundant NOP detection algorithm
      to skip over NOPs with no line number when looking for the next
      instruction’s lineno.
    - gh-109853: sys.path[0] is now set correctly for
      subinterpreters.
    - gh-105716: Subinterpreters now correctly handle the case where
      they have threads running in the background. Before, such
      threads would interfere with cleaning up and destroying them,
      as well as prevent running another script.
    - gh-109793: The main thread no longer exits prematurely when a
      subinterpreter is cleaned up during runtime finalization. The
      bug was a problem particularly because, when triggered, the
      Python process would always return with a 0 exitcode, even if
      it failed.
    - gh-109596: Fix some tokens in the grammar that were incorrectly
      marked as soft keywords. Also fix some repeated rule names and
      ensure that repeated rules are not allowed. Patch by Pablo
      Galindo
    - gh-109351: Fix crash when compiling an invalid AST involving a
      named (walrus) expression.
    - gh-109216: Fix possible memory leak in BUILD_MAP.
    - gh-109207: Fix a SystemError in __repr__ of symtable entry
      object.
    - gh-109179: Fix bug where the C traceback display drops notes
      from SyntaxError.
    - gh-109052: Use the base opcode when comparing code objects to
      avoid interference from instrumentation
    - gh-88943: Improve syntax error for non-ASCII character that
      follows a numerical literal. It now points on the invalid
      non-ASCII character, not on the valid numerical literal.
    - gh-106931: Statically allocated string objects are now interned
      globally instead of per-interpreter. This fixes a situation
      where such a string would only be interned in a single
      interpreter. Normal string objects are unaffected.
    - Library
    - gh-79325: Fix an infinite recursion error in
      tempfile.TemporaryDirectory() cleanup on Windows.
    - gh-112645: Remove deprecation error on passing onerror to
      shutil.rmtree().
    - gh-112618: Fix a caching bug relating to typing.Annotated.
      Annotated[str, True] is no longer identical to Annotated[str,
      1].
    - gh-112334: Fixed a performance regression in 3.12’s subprocess
      on Linux where it would no longer use the fast-path vfork()
      system call when it should have due to a logic bug, instead
      always falling back to the safe but slower fork().
    - Also fixed a related 3.12 security regression: If a value of
      extra_groups=[] was passed to subprocess.Popen or related APIs,
      the underlying setgroups(0, NULL) system call to clear the
      groups list would not be made in the child process prior to
      exec(). This has been assigned CVE-2023-6507.
    - This was identified via code inspection in the process of fixing
      the first bug.
    - gh-110190: Fix ctypes structs with array on Arm platform by
      setting MAX_STRUCT_SIZE to 32 in stgdict. Patch by Diego Russo.
    - gh-112578: Fix a spurious RuntimeWarning when executing the
      zipfile module.
    - gh-112509: Fix edge cases that could cause a key to be present
      in both the __required_keys__ and __optional_keys__ attributes
      of a typing.TypedDict. Patch by Jelle Zijlstra.
    - gh-112414: Fix regression in Python 3.12 where calling repr() on
      a module that had been imported using a custom loader could fail
      with AttributeError. Patch by Alex Waygood.
    - gh-112358: Revert change to struct.Struct initialization that
      broke some cases of subclassing.
    - gh-94722: Fix bug where comparison between instances of DocTest
      fails if one of them has None as its lineno.
    - gh-112105: Make readline.set_completer_delims() work with
      libedit
    - gh-111942: Fix SystemError in the TextIOWrapper constructor with
      non-encodable “errors” argument in non-debug mode.
    - gh-109538: Issue warning message instead of having RuntimeError
      be displayed when event loop has already been closed at
      StreamWriter.__del__().
    - gh-111942: Fix crashes in io.TextIOWrapper.reconfigure() when
      pass invalid arguments, e.g. non-string encoding.
    - gh-111460: curses: restore wide character support (including
      curses.unget_wch() and get_wch()) on macOS, which was
      unavailable due to a regression in Python 3.12.
    - gh-103791: contextlib.suppress now supports suppressing
      exceptions raised as part of a BaseExceptionGroup, in addition
      to the recent support for ExceptionGroup.
    - gh-111804: Remove posix.fallocate() under WASI as the underlying
      posix_fallocate() is not available in WASI preview2.
    - gh-111841: Fix truncating arguments on an embedded null
      character in os.putenv() and os.unsetenv() on Windows.
    - gh-111541: Fix doctest for SyntaxError not-builtin subclasses.
    - gh-110894: Call loop exception handler for exceptions in
      client_connected_cb of asyncio.start_server() so that
      applications can handle it. Patch by Kumar Aditya.
    - gh-111531: Fix reference leaks in bind_class() and bind_all()
      methods of tkinter widgets.
    - gh-111356: Added io.text_encoding(), io.DEFAULT_BUFFER_SIZE, and
      io.IncrementalNewlineDecoder to io.__all__.
    - gh-111342: Fixed typo in math.sumprod().
    - gh-68166: Remove mention of not supported “vsapi” element type
      in tkinter.ttk.Style.element_create(). Add tests for
      element_create() and other ttk.Style methods. Add examples for
      element_create() in the documentation.
    - gh-75666: Fix the behavior of tkinter widget’s unbind() method
      with two arguments. Previously, widget.unbind(sequence, funcid)
      destroyed the current binding for sequence, leaving sequence
      unbound, and deleted the funcid command. Now it removes only
      funcid from the binding for sequence, keeping other commands,
      and deletes the funcid command. It leaves sequence unbound only
      if funcid was the last bound command.
    - gh-79033: Another attempt at fixing
      asyncio.Server.wait_closed(). It now blocks until both
      conditions are true: the server is closed, and there are no more
      active connections. (This means that in some cases where in
      3.12.0 this function would incorrectly have returned
      immediately, it will now block; in particular, when there are no
      active connections but the server hasn’t been closed yet.)
    - gh-111295: Fix time not checking for errors when initializing.
    - gh-111253: Add error checking during _socket module init.
    - gh-111251: Fix _blake2 not checking for errors when
      initializing.
    - gh-111174: Fix crash in io.BytesIO.getbuffer() called repeatedly
      for empty BytesIO.
    - gh-111187: Postpone removal version for
      locale.getdefaultlocale() to Python 3.15.
    - gh-111159: Fix doctest output comparison for exceptions with
      notes.
    - gh-110910: Fix invalid state handling in asyncio.TaskGroup and
      asyncio.Timeout. They now raise proper RuntimeError if they are
      improperly used and are left in consistent state after this.
    - gh-111092: Make turtledemo run without default root enabled.
    - gh-110488: Fix a couple of issues in
      pathlib.PurePath.with_name(): a single dot was incorrectly
      considered a valid name, and in PureWindowsPath, a name with an
      NTFS alternate data stream, like a:b, was incorrectly considered
      invalid.
    - gh-110392: Fix tty.setraw() and tty.setcbreak(): previously they
      returned partially modified list of the original tty attributes.
      tty.cfmakeraw() and tty.cfmakecbreak() now make a copy of the
      list of special characters before modifying it.
    - gh-110590: Fix a bug in _sre.compile() where TypeError would be
      overwritten by OverflowError when the code argument was a list
      of non-ints.
    - gh-65052: Prevent pdb from crashing when trying to display
      undisplayable objects
    - gh-110519: Deprecation warning about non-integer number in
      gettext now alwais refers to the line in the user code where
      gettext function or method is used. Previously it could refer to
      a line in gettext code.
    - gh-110395: Ensure that select.kqueue() objects correctly appear
      as closed in forked children, to prevent operations on an
      invalid file descriptor.
    - gh-110378: contextmanager() and asynccontextmanager() context
      managers now close an invalid underlying generator object that
      yields more then one value.
    - gh-110365: Fix termios.tcsetattr() bug that was overwritting
      existing errors during parsing integers from term list.
    - gh-109653: Fix a Python 3.12 regression in the import time of
      random. Patch by Alex Waygood.
    - gh-110196: Add __reduce__ method to IPv6Address in order to keep
      scope_id
    - gh-110036: On Windows, multiprocessing Popen.terminate() now
      catchs PermissionError and get the process exit code. If the
      process is still running, raise again the PermissionError.
      Otherwise, the process terminated as expected: store its exit
      code. Patch by Victor Stinner.
    - gh-110038: Fixed an issue that caused KqueueSelector.select() to
      not return all the ready events in some cases when a file
      descriptor is registered for both read and write.
    - gh-109631: re functions such as re.findall(), re.split(),
      re.search() and re.sub() which perform short repeated matches
      can now be interrupted by user.
    - gh-109747: Improve errors for unsupported look-behind patterns.
      Now re.error is raised instead of OverflowError or RuntimeError
      for too large width of look-behind pattern.
    - gh-109818: Fix reprlib.recursive_repr() not copying
      __type_params__ from decorated function.
    - gh-109047: concurrent.futures: The executor manager thread now
      catches exceptions when adding an item to the call queue. During
      Python finalization, creating a new thread can now raise
      RuntimeError. Catch the exception and call terminate_broken() in
      this case. Patch by Victor Stinner.
    - gh-109782: Ensure the signature of os.path.isdir() is identical
      on all platforms. Patch by Amin Alaee.
    - gh-109590: shutil.which() will prefer files with an extension in
      PATHEXT if the given mode includes os.X_OK on win32. If no
      PATHEXT match is found, a file without an extension in PATHEXT
      can be returned. This change will have shutil.which() act more
      similarly to previous behavior in Python 3.11.
    - gh-109786: Fix possible reference leaks and crash when re-enter
      the __next__() method of itertools.pairwise.
    - gh-109593: Avoid deadlocking on a reentrant call to the
      multiprocessing resource tracker. Such a reentrant call, though
      unlikely, can happen if a GC pass invokes the finalizer for a
      multiprocessing object such as SemLock.
    - gh-109613: Fix os.stat() and os.DirEntry.stat(): check for
      exceptions. Previously, on Python built in debug mode, these
      functions could trigger a fatal Python error (and abort the
      process) when a function succeeded with an exception set. Patch
      by Victor Stinner.
    - gh-109375: The pdb alias command now prevents registering
      aliases without arguments.
    - gh-107219: Fix a race condition in concurrent.futures. When a
      process in the process pool was terminated abruptly (while the
      future was running or pending), close the connection write end.
      If the call queue is blocked on sending bytes to a worker
      process, closing the connection write end interrupts the send,
      so the queue can be closed. Patch by Victor Stinner.
    - gh-50644: Attempts to pickle or create a shallow or deep copy of
      codecs streams now raise a TypeError. Previously, copying failed
      with a RecursionError, while pickling produced wrong results
      that eventually caused unpickling to fail with a RecursionError.
    - gh-108987: Fix _thread.start_new_thread() race condition. If a
      thread is created during Python finalization, the newly spawned
      thread now exits immediately instead of trying to access freed
      memory and lead to a crash. Patch by Victor Stinner.
    - gh-108791: Improved error handling in pdb command line
      interface, making it produce more concise error messages.
    - gh-105829: Fix concurrent.futures.ProcessPoolExecutor deadlock
    - gh-106584: Fix exit code for unittest if all tests are skipped.
      Patch by Egor Eliseev.
    - gh-102956: Fix returning of empty byte strings after seek in
      zipfile module
    - gh-84867: unittest.TestLoader no longer loads test cases from
      exact unittest.TestCase and unittest.FunctionTestCase classes.
    - gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup,
      which now no longer dereferences symlinks when working around
      file system permission errors.
    - gh-73561: Omit the interface scope from an IPv6 address when
      used as Host header by http.client.
    - gh-86826: zipinfo now supports the full range of values in the
      TZ string determined by RFC 8536 and detects all invalid
      formats. Both Python and C implementations now raise exceptions
      of the same type on invalid data.
    - bpo-43153: On Windows, tempfile.TemporaryDirectory previously
      masked a PermissionError with NotADirectoryError during
      directory cleanup. It now correctly raises PermissionError if
      errors are not ignored. Patch by Andrei Kulakov and Ken Jin.
    - bpo-35332: The shutil.rmtree() function now ignores errors when
      calling os.close() when ignore_errors is True, and os.close() no
      longer retried after error.
    - bpo-41422: Fixed memory leaks of pickle.Pickler and
      pickle.Unpickler involving cyclic references via the internal
      memo mapping.
    - bpo-40262: The ssl.SSLSocket.recv_into() method no longer
      requires the buffer argument to implement __len__ and supports
      buffers with arbitrary item size.
    - Documentation
    - gh-111699: Relocate smtpd deprecation notice to its own section
      rather than under locale in What’s New in Python 3.12 document
    - gh-108826: dis module command-line interface is now mentioned in
      documentation. Test- s
    - gh-112769: The tests now correctly compare zlib version when
      zlib.ZLIB_RUNTIME_VERSION contains non-integer suffixes. For
      example zlib-ng defines the version as 1.3.0.zlib-ng.
    - gh-110367: Make regrtest --verbose3 option compatible with
    - -huntrleaks -jN options. The ./python -m test -j1 -R 3:3
    - -verbose3 command now works as expected. Patch by Victor
      Stinner.
    - gh-111165: Remove no longer used functions run_unittest() and
      run_doctest() from the test.support module.
    - gh-110932: Fix regrtest if the SOURCE_DATE_EPOCH environment
      variable is defined: use the variable value as the random seed.
      Patch by Victor Stinner.
    - gh-110995: test_gdb: Fix detection of gdb built without Python
      scripting support. Patch by Victor Stinner.
    - gh-110918: Test case matching patterns specified by options
    - -match, --ignore, --matchfile and --ignorefile are now tested
      in the order of specification, and the last match determines
      whether the test case be run or ignored.
    - gh-110647: Fix test_stress_modifying_handlers() of test_signal.
      Patch by Victor Stinner.
    - gh-103053: Fix test_tools.test_freeze on FreeBSD: run “make
      distclean” instead of “make clean” in the copied source
      directory to remove also the “python” program. Patch by Victor
      Stinner.
    - gh-110167: Fix a deadlock in test_socket when server fails with
      a timeout but the client is still running in its thread. Don’t
      hold a lock to call cleanup functions in doCleanups(). One of
      the cleanup function waits until the client completes, whereas
      the client could deadlock if it called addCleanup() in such
      situation. Patch by Victor Stinner.
    - gh-110388: Add tests for tty.
    - gh-81002: Add tests for termios.
    - gh-110267: Add tests for pickling and copying PyStructSequence
      objects. Patched by Xuehai Pan.
    - gh-110031: Skip test_threading tests using thread+fork if Python
      is built with Address Sanitizer (ASAN). Patch by Victor Stinner.
    - gh-110088: Fix test_asyncio timeouts: don’t measure the maximum
      duration, a test should not measure a CI performance. Only
      measure the minimum duration when a task has a timeout or delay.
      Add CLOCK_RES to test_asyncio.utils. Patch by Victor Stinner.
    - gh-109974: Fix race conditions in test_threading lock tests.
      Wait until a condition is met rather than using time.sleep()
      with a hardcoded number of seconds. Patch by Victor Stinner.
    - gh-110033: Fix test_interprocess_signal() of test_signal. Make
      sure that the subprocess.Popen object is deleted before the test
      raising an exception in a signal handler. Otherwise,
      Popen.__del__() can get the exception which is logged as
      Exception ignored in: ... and the test fails. Patch by Victor
      Stinner.
    - gh-109594: Fix test_timeout() of
      test_concurrent_futures.test_wait. Remove the future which may
      or may not complete depending if it takes longer than the
      timeout ot not. Keep the second future which does not complete
      before wait() timeout. Patch by Victor Stinner.
    - gh-109972: Split test_gdb.py file into a test_gdb package made
      of multiple tests, so tests can now be run in parallel. Patch by
      Victor Stinner.
    - gh-103053: Skip test_freeze_simple_script() of
      test_tools.test_freeze if Python is built with ./configure
    - -enable-optimizations, which means with Profile Guided
      Optimization (PGO): it just makes the test too slow. The freeze
      tool is tested by many other CIs with other (faster) compiler
      flags. Patch by Victor Stinner.
    - gh-109580: Skip test_perf_profiler if Python is built with ASAN,
      MSAN or UBSAN sanitizer. Python does crash randomly in this test
      on such build. Patch by Victor Stinner.
    - gh-104736: Fix test_gdb on Python built with LLVM clang 16 on
      Linux ppc64le (ex: Fedora 38). Search patterns in gdb “bt”
      command output to detect when gdb fails to retrieve the
      traceback. For example, skip a test if Backtrace stopped: frame
      did not save the PC is found. Patch by Victor Stinner.
    - gh-108927: Fixed order dependence in running tests in the same
      process when a test that has submodules (e.g. test_importlib)
      follows a test that imports its submodule (e.g.
      test_importlib.util) and precedes a test (e.g. test_unittest or
      test_compileall) that uses that submodule.
    - Build
    - gh-112088: Add Tools/build/regen-configure.sh script to
      regenerate the configure with an Ubuntu container image. The
      quay.io/tiran/cpython_autoconf:271 container image
      (tiran/cpython_autoconf) is no longer used. Patch by Victor
      Stinner.
    - gh-111046: For wasi-threads, memory is now exported to fix
      compatibility issues with some wasm runtimes.
    - gh-103053: “make check-clean-src” now also checks if the
      “python” program is found in the source directory: fail with an
      error if it does exist. Patch by Victor Stinner.
    - gh-109191: Fix compile error when building with recent versions
      of libedit.
    - IDLE
    - bpo-35668: Add docstrings to the IDLE debugger module. Fix two
      bugs: initialize Idb.botframe (should be in Bdb); in
      Idb.in_rpc_code, check whether prev_frame is None before trying
      to use it. Greatly expand test_debugger.
    - C API
    - gh-106560: Fix redundant declarations in the public C API.
      Declare PyBool_Type and PyLong_Type only once. Patch by Victor
      Stinner.
    - gh-112438: Fix support of format units “es”, “et”, “es#”, and
      “et#” in nested tuples in PyArg_ParseTuple()-like functions.
    - gh-109521: PyImport_GetImporter() now sets RuntimeError if it
      fails to get sys.path_hooks or sys.path_importer_cache or they
      are not list and dict correspondingly. Previously it could
      return NULL without setting error in obscure cases, crash or
      raise SystemError if these attributes have wrong type.
* Thu Nov 16 2023 Daniel Garcia <[email protected]>
  - Remove F00251-change-user-install-location.patch, that patch breaks
    the python-rpm-macros usage with multibuild
* Mon Oct 02 2023 Matej Cepl <[email protected]>
  - Update to the final release of 3.12.0:
    Python 3.12 is the latest stable release of the Python
    programming language, with a mix of changes to the language and
    the standard library. The library changes focus on cleaning up
    deprecated APIs, usability, and correctness. Of note, the
    distutils package has been removed from the standard library.
    Filesystem support in os and pathlib has seen a number of
    improvements, and several modules have better performance.
    The language changes focus on usability, as f-strings have had
    many limitations removed and ‘Did you mean …’ suggestions
    continue to improve. The new type parameter syntax and type
    statement improve ergonomics for using generic types and type
    aliases with static type checkers.
    This article doesn’t attempt to provide a complete
    specification of all new features, but instead gives
    a convenient overview. For full details, you should refer to
    the documentation, such as the Library Reference and Language
    Reference. If you want to understand the complete
    implementation and design rationale for a change, refer to the
    PEP for a particular new feature; but note that PEPs usually
    are not kept up-to-date once a feature has been fully
    implemented.
    - New syntax features:
    - PEP 695, type parameter syntax and the type statement
    - New grammar features:
    - PEP 701, f-strings in the grammar
    - Interpreter improvements:
    - PEP 684, a unique per-interpreter GIL
    - PEP 669, low impact monitoring
    - Improved ‘Did you mean …’ suggestions for NameError,
      ImportError, and SyntaxError exceptions
    - Python data model improvements:
    - PEP 688, using the buffer protocol from Python
    - Significant improvements in the standard library:
    - The pathlib.Path class now supports subclassing
    - The os module received several improvements for Windows
      support
    - A command-line interface has been added to the sqlite3
      module
    - isinstance() checks against runtime-checkable protocols
      enjoy a speed up of between two and 20 times
    - The asyncio package has had a number of performance
      improvements, with some benchmarks showing a 75% speed
      up.
    - A command-line interface has been added to the uuid
      module
    - Due to the changes in PEP 701, producing tokens via the
      tokenize module is up to up to 64% faster.
    - Security improvements:
    - Replace the builtin hashlib implementations of SHA1,
      SHA3, SHA2-384, SHA2-512, and MD5 with formally verified
      code from the HACL* project. These builtin
      implementations remain as fallbacks that are only used
      when OpenSSL does not provide them.
    - C API improvements:
    - PEP 697, unstable C API tier
    - PEP 683, immortal objects
    - CPython implementation improvements:
    - PEP 709, comprehension inlining
    - CPython support for the Linux perf profiler
    - Implement stack overflow protection on supported
      platforms
    - New typing features:
    - PEP 692, using TypedDict to annotate **kwargs
    - PEP 698, typing.override() decorator
    - Important deprecations, removals or restrictions:
    - PEP 623: Remove wstr from Unicode objects in Python’s
      C API, reducing the size of every str object by at least
      8 bytes.
    - PEP 632: Remove the distutils package. See the migration
      guide for advice replacing the APIs it provided. The
      third-party Setuptools package continues to provide
      distutils, if you still require it in Python 3.12 and
      beyond.
    - gh-95299: Do not pre-install setuptools in virtual
      environments created with venv. This means that
      distutils, setuptools, pkg_resources, and easy_install
      will no longer available by default; to access these run
      pip install setuptools in the activated virtual
      environment.
    - The asynchat, asyncore, and imp modules have been
      removed, along with several unittest.TestCase method
      aliases.
  - Refresh bluez-devel-vendor.tar.xz from bluez-devel 5.69-1.1.
* Wed Sep 20 2023 Daniel Garcia <[email protected]>
  - Update to 3.12.0rc3:
    - Core and Builtins
    - gh-109496: On a Python built in debug mode, Py_DECREF() now
      calls _Py_NegativeRefcount() if the object is a dangling pointer
      to deallocated memory: memory filled with 0xDD “dead byte” by
      the debug hook on memory allocators. The fix is to check the
      reference count before checking for _Py_IsImmortal(). Patch by
      Victor Stinner.
    - gh-109371: Deopted instructions correctly for tool
      initialization and modified the incorrect assertion in
      instrumentation, when a previous tool already sets INSTRUCTION
      events
    - gh-105658: Fix bug where the line trace of an except block
      ending with a conditional includes an excess event with the line
      of the conditional expression.
    - gh-109219: Fix compiling type param scopes that use a name which
      is also free in an inner scope.
    - gh-109341: Fix crash when compiling an invalid AST involving a
      ast.TypeAlias.
    - gh-109195: Fix source location for the LOAD_* instruction
      preceding a LOAD_SUPER_ATTR to load the super global (or
      shadowing variable) so that it encompasses only the name super
      and not the following parentheses.
    - gh-109118: Disallow nested scopes (lambdas, generator
      expressions, and comprehensions) within PEP 695 annotation
      scopes that are nested within classes.
    - gh-109114: Relax the detection of the error message for invalid
      lambdas inside f-strings to not search for arbitrary replacement
      fields to avoid false positives. Patch by Pablo Galindo
    - gh-109118: Fix interpreter crash when a NameError is raised
      inside the type parameters of a generic class.
    - gh-108976: Fix crash that occurs after de-instrumenting a code
      object in a monitoring callback.
    - gh-108732: Make iteration variables of module- and class-scoped
      comprehensions visible to pdb and other tools that use
      frame.f_locals again.
    - gh-108959: Fix caret placement for error locations for subscript
      and binary operations that involve non-semantic parentheses and
      spaces. Patch by Pablo Galindo
    - Library
    - gh-108682: Enum: require names=() or type=... to create an empty
      enum using the functional syntax.
    - gh-108843: Fix an issue in ast.unparse() when unparsing
      f-strings containing many quote types.
    - Documentation
    - gh-102823: Document the return type of x // y when x and y have
      type float.
    - Tests
    - gh-109396: Fix test_socket.test_hmac_sha1() in FIPS mode. Use a
      longer key: FIPS mode requires at least of at least 112 bits.
      The previous key was only 32 bits. Patch by Victor Stinner.
    - gh-104736: Fix test_gdb on Python built with LLVM clang 16 on
      Linux ppc64le (ex: Fedora 38). Search patterns in gdb “bt”
      command output to detect when gdb fails to retrieve the
      traceback. For example, skip a test if Backtrace stopped: frame
      did not save the PC is found. Patch by Victor Stinner.
    - gh-109237: Fix test_site.test_underpth_basic() when the working
      directory contains at least one non-ASCII character: encode the
      ._pth file to UTF-8 and enable the UTF-8 Mode to use UTF-8 for
      the child process stdout. Patch by Victor Stinner.
    - gh-109230: Fix test_pyexpat.test_exception(): it can now be run
      from a directory different than Python source code directory.
      Before, the test failed in this case. Skip the test if
      Modules/pyexpat.c source is not available. Skip also the test on
      Python implementations other than CPython. Patch by Victor
      Stinner.
    - gh-109015: Fix test_asyncio, test_imaplib and test_socket tests
      on FreeBSD if the TCP blackhole is enabled (sysctl
      net.inet.tcp.blackhole). Skip the few tests which failed with
      ETIMEDOUT which such non standard configuration. Currently, the
      FreeBSD GCP image enables TCP and UDP blackhole (sysctl
      net.inet.tcp.blackhole=2 and sysctl net.inet.udp.blackhole=1).
      Patch by Victor Stinner.
    - gh-91960: Skip test_gdb if gdb is unable to retrieve Python
      frame objects: if a frame is <optimized out>. When Python is
      built with “clang -Og”, gdb can fail to retrive the frame
      parameter of _PyEval_EvalFrameDefault(). In this case, tests
      like py_bt() are likely to fail. Without getting access to
      Python frames, python-gdb.py is mostly clueless on retrieving
      the Python traceback. Moreover, test_gdb is no longer skipped on
      macOS if Python is built with Clang. Patch by Victor Stinner.
    - gh-108962: Skip test_tempfile.test_flags() if chflags() fails
      with “OSError: [Errno 45] Operation not supported” (ex: on
      FreeBSD 13). Patch by Victor Stinner.
    - gh-108851: Fix test_tomllib recursion tests for WASI buildbots:
      reduce the recursion limit and compute the maximum nested
      array/dict depending on the current available recursion limit.
      Patch by Victor Stinner.
    - gh-108851: Add get_recursion_available() and
      get_recursion_depth() functions to the test.support module.
      Patch by Victor Stinner.
    - gh-108834: Add --fail-rerun option option to regrtest: if a test
      failed when then passed when rerun in verbose mode, exit the
      process with exit code 2 (error), instead of exit code 0
      (success). Patch by Victor Stinner.
    - gh-108834: Rename regrtest --verbose2 option (-w) to --rerun.
      Keep --verbose2 as a deprecated alias. Patch by Victor Stinner.
    - gh-108834: When regrtest reruns failed tests in verbose mode
      (./python -m test --rerun), tests are now rerun in fresh worker
      processes rather than being executed in the main process. If a
      test does crash or is killed by a timeout, the main process can
      detect and handle the killed worker process. Tests are rerun in
      parallel if the -jN option is used to run tests in parallel.
      Patch by Victor Stinner.
    - gh-103186: Suppress and assert expected RuntimeWarnings in
      test_sys_settrace.py
    - Build
    - gh-108740: Fix a race condition in make regen-all. The
      deepfreeze.c source and files generated by Argument Clinic are
      now generated or updated before generating “global objects”.
      Previously, some identifiers may miss depending on the order in
      which these files were generated. Patch by Victor Stinner.
  - Python 3.12.0 release candidate 2:
    - Security
    - gh-108310: Fixed an issue where instances of ssl.SSLSocket were
      vulnerable to a bypass of the TLS handshake and included
      protections (like certificate verification) and treating sent
      unencrypted data as if it were post-handshake TLS encrypted
      data. Security issue reported as CVE-2023-40217 by Aapo Oksman.
      Patch by Gregory P. Smith.
    - gh-107774: PEP 669 specifies that
      sys.monitoring.register_callback will generate an audit event.
      Pre-releases of Python 3.12 did not generate the audit event.
      This is now fixed.
    - Core and Builtins
    - gh-108520: Fix
      multiprocessing.synchronize.SemLock.__setstate__() to properly
      initialize multiprocessing.synchronize.SemLock._is_fork_ctx.
      This fixes a regression when passing a SemLock accross nested
      processes.
    - Rename multiprocessing.synchronize.SemLock.is_fork_ctx to
      multiprocessing.synchronize.SemLock._is_fork_ctx to avoid
      exposing it as public API.
    - gh-108654: Restore locals shadowed by an inlined comprehension
      if the comprehension raises an exception.
    - gh-108487: Change an assert that would cause a spurious crash in
      a devious case that should only trigger deoptimization.
    - gh-106176: Use a WeakValueDictionary to track the lists
      containing the modules each thread is currently importing. This
      helps avoid a reference leak from keeping the list around longer
      than necessary. Weakrefs are used as GC can’t interrupt the
      cleanup.
    - gh-107901: Fix missing line number on JUMP_BACKWARD at the end
      of a for loop.
    - gh-108390: Raise an exception when setting a non-local event
      (RAISE, EXCEPTION_HANDLED, etc.) in
      sys.monitoring.set_local_events.
    - Fixes crash when tracing in recursive calls to Python classes.
    - gh-91051: Fix abort / segfault when using all eight type watcher
      slots, on platforms where char is signed by default.
    - gh-107724: In pre-release versions of 3.12, up to rc1, the
      sys.monitoring callback function for the PY_THROW event was
      missing the third, exception argument. That is now fixed.
    - gh-107080: Trace refs builds (--with-trace-refs) were crashing
      when used with isolated subinterpreters. The problematic global
      state has been isolated to each interpreter. Other fixing the
      crashes, this change does not affect users.
    - gh-77377: Ensure that multiprocessing synchronization objects
      created in a fork context are not sent to a different process
      created in a spawn context. This changes a segfault into an
      actionable RuntimeError in the parent process.
    - Library
    - gh-108469: ast.unparse() now supports new f-string syntax
      introduced in Python 3.12. Note that the f-string quotes are
      reselected for simplicity under the new syntax. (Patch by Steven
      Sun)
    - gh-108682: Enum: raise TypeError if super().__new__() is called
      from a custom __new__.
    - gh-108295: Fix crashes related to use of weakrefs on
      typing.TypeVar.
    - gh-64662: Fix support for virtual tables in
      sqlite3.Connection.iterdump(). Patch by Aviv Palivoda.
    - gh-108111: Fix a regression introduced in gh-101251 for 3.12,
      resulting in an incorrect offset calculation in
      gzip.GzipFile.seek().
    - gh-105736: Harmonized the pure Python version of OrderedDict
      with the C version. Now, both versions set up their internal
      state in __new__. Formerly, the pure Python version did the set
      up in __init__.
    - gh-108083: Fix bugs in the constructor of sqlite3.Connection and
      sqlite3.Connection.close() where exceptions could be leaked.
      Patch by Erlend E. Aasland.
    - gh-107963: Fix multiprocessing.set_forkserver_preload() to check
      the given list of modules names. Patch by Dong-hee Na.
    - gh-106242: Fixes os.path.normpath() to handle embedded null
      characters without truncating the path.
    - gh-107913: Fix possible losses of errno and winerror values in
      OSError exceptions if they were cleared or modified by the
      cleanup code before creating the exception object.
    - gh-107845: tarfile.data_filter() now takes the location of
      symlinks into account when determining their target, so it will
      no longer reject some valid tarballs with
      LinkOutsideDestinationError.
    - gh-107805: Fix signatures of module-level generated functions in
      turtle.
    - gh-107715: Fix doctest.DocTestFinder.find() in presence of class
      names with special characters. Patch by Gertjan van Zwieten.
    - gh-100814: Passing a callable object as an option value to a
      Tkinter image now raises the expected TclError instead of an
      AttributeError.
    - gh-106684: Close asyncio.StreamWriter when it is not closed by
      application leading to memory leaks. Patch by Kumar Aditya.
    - gh-107396: tarfiles; Fixed use before assignment of
      self.exception for gzip decompression
    - gh-106052: re module: fix the matching of possessive quantifiers
      in the case of a subpattern containing backtracking.
    - gh-100061: Fix a bug that causes wrong matches for regular
      expressions with possessive qualifier.
    - gh-99203: Restore following CPython <= 3.10.5 behavior of
      shutil.make_archive(): do not create an empty archive if
      root_dir is not a directory, and, in that case, raise
      FileNotFoundError or NotADirectoryError regardless of format
      choice. Beyond the brought-back behavior, the function may now
      also raise these exceptions in dry_run mode.
    - Documentation
    - gh-105052: Update timeit doc to specify that time in seconds is just the default.
    - Tests
    - gh-89392: Removed support of test_main() function in tests. They
      now always use normal unittest test runner.
    - gh-108388: Convert test_concurrent_futures to a package of 7
      sub-tests. Patch by Victor Stinner.
    - gh-108388: Split test_multiprocessing_fork,
      test_multiprocessing_forkserver and test_multiprocessing_spawn
      into test packages. Each package is made of 4 sub-tests:
      processes, threads, manager and misc. It allows running more
      tests in parallel and so reduce the total test duration. Patch
      by Victor Stinner.
    - gh-105776: Fix test_cppext when the C compiler command -std=c11
      option: remove -std= options from the compiler command. Patch by
      Victor Stinner.
    - gh-107178: Add the C API test for functions in the Mapping
      Protocol, the Sequence Protocol and some functions in the Object
      Protocol.
    - Build
    - gh-63760: Fix Solaris build: no longer redefine the
      gethostname() function. Solaris defines the function since 2005.
      Patch by Victor Stinner, original patch by Jakub Kulík.
    - gh-107814: When calling find_python.bat with -q it did not
      properly silence the output of nuget. That is now fixed.
    - Windows
    - gh-107565: Update Windows build to use OpenSSL 3.0.10.
    - gh-106242: Fixes realpath() to behave consistently when passed a
      path containing an embedded null character on Windows. In strict
      mode, it now raises OSError instead of the unexpected
      ValueError, and in non-strict mode will make the path absolute.
    - gh-106844: Fix integer overflow and truncating by the null
      character in _winapi.LCMapStringEx() which affects
      ntpath.normcase().
    - macOS
    - gh-107565: Update macOS installer to use OpenSSL 3.0.10.
    - Tools/Demos
    - gh-107565: Update multissltests and GitHub CI workflows to use
      OpenSSL 1.1.1v, 3.0.10, and 3.1.2.
    - gh-95065: Argument Clinic now supports overriding automatically
      generated signature by using directive @text_signature.
    - C API
    - gh-107916: C API functions PyErr_SetFromErrnoWithFilename(),
      PyErr_SetExcFromWindowsErrWithFilename() and
      PyErr_SetFromWindowsErrWithFilename() save now the error code
      before calling PyUnicode_DecodeFSDefault().
    - gh-107915: Such C API functions as PyErr_SetString(),
      PyErr_Format(), PyErr_SetFromErrnoWithFilename() and many others
      no longer crash or ignore errors if it failed to format the
      error message or decode the filename. Instead, they keep a
      corresponding error.
    - gh-107810: Improve DeprecationWarning for uses of PyType_Spec
      with metaclasses that have custom tp_new.
* Thu Aug 10 2023 Dirk Müller <[email protected]>
  - restrict PEP668 to ALP/Tumbleweed
* Mon Aug 07 2023 Daniel Garcia <[email protected]>
  - Refresh all patches
  - Drop Revert-gh105127-left-tests.patch, in upstream now
  - Update to 3.12.0rc1:
    - Reverted the :mod:`email.utils` security improvement change
      released in 3.12beta4 that unintentionally caused
      :mod:`email.utils.getaddresses` to fail to parse email addresses
      with a comma in the quoted name field. See :gh:`106669`.
    - Start initializing ob_digit during creation of
      :c:type:`PyLongObject` objects. Patch by Illia Volochii.
    - Increase C recursion limit for functions other than the main
      interpreter from 800 to 1500. This should allow functions like
      list.__repr__ and json.dumps to handle all the inputs that they
      could prior to 3.12
    - Fix potential unaligned memory access on C APIs involving returned
      sequences of char * pointers within the :mod:`grp` and
      :mod:`socket` modules. These were revealed using a
    - fsaniziter=alignment build on ARM macOS. Patch by Christopher
      Chavez.
    - Add the exception as the third argument to PY_UNIND callbacks in
      sys.monitoring. This makes the PY_UNWIND callback consistent with
      the other exception hanlding callbacks.
    - Raise a ValueError when a monitoring callback funtion returns
      DISABLE for events that cannot be disabled locally.
    - Add a RERAISE event to sys.monitoring, which occurs when an
      exception is reraised, either explicitly by a plain raise
      statement, or implicitly in an except or finally block.
    - Unsupported modules now always fail to be imported.
    - Fix classmethod-style :func:`super` method calls (i.e., where the
      second argument to :func:`super`, or the implied second argument
      drawn from self/cls in the case of zero-arg super, is a type) when
      the target of the call is not a classmethod.
    - Python no longer crashes due an infrequent race when initialzing
      per-interpreter interned strings. The crash would manifest when
      the interpreter was finalized.
    - Python no longer crashes due to an infrequent race in setting
      Py_FileSystemDefaultEncoding and Py_FileSystemDefaultEncodeErrors
      (both deprecated), when simultaneously initializing two isolated
      subinterpreters. Now they are only set during runtime
      initialization.
    - Fix a segmentation fault caused by a use-after-free bug in
      frame_dealloc when the trashcan delays the deallocation of a
      PyFrameObject.
    - No longer suppress arbitrary errors in the __annotations__ getter
      and setter in the type and module types.
    - Propagate frozen_modules to multiprocessing spawned process
      interpreters.
    - Prevent out-of-bounds memory access during mmap.find() calls.
    - Seems that in some conditions, OpenSSL will return
      SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL when a certification
      verification has failed, but the error parameters will still
      contain ERR_LIB_SSL and SSL_R_CERTIFICATE_VERIFY_FAILED. We are
      now detecting this situation and raising the appropiate
      ssl.SSLCertVerificationError. Patch by Pablo Galindo
    - Fix :func:`types.get_original_bases` to only return
      :attr:`!__orig_bases__` if it is present on cls directly. Patch by
      James Hilton-Balfe.
    - Prevent memory leak and use-after-free when using pointers to
      pointers with ctypes
    - Make :func:`gettext.pgettext` search plural definitions when
      translation is not found.
    - Document behavior of :func:`shutil.disk_usage` for non-mounted
      filesystems on Unix.
    - Do not report MultipartInvariantViolationDefect defect when the
      :class:`email.parser.Parser` class is used to parse emails with
      headersonly=True.
    - Fix invalid result from :meth:`PurePath.relative_to` method when
      attempting to walk a ".." segment in other with walk_up enabled. A
      :exc:`ValueError` exception is now raised in this case.
    - Fix potential missing NULL check of d2i_SSL_SESSION result in
      _ssl.c.
    - Update the bundled copy of pip to version 23.2.1.
    - Fixed several bugs in zipfile.Path, including: in Path.match`,
      Windows separators are no longer honored (and never were meant to
      be); Fixed ``name/suffix/suffixes/stem operations when no filename
      is present and the Path is not at the root of the zipfile;
      Reworked glob for performance and more correct matching behavior.
    - Add __copy__ and __deepcopy__ in :mod:`enum`
    - Revert a change to :func:`colorsys.rgb_to_hls` that caused
      division by zero for certain almost-white inputs. Patch by Terry
      Jan Reedy.
    - Instances of :class:`typing.TypeVar`, :class:`typing.ParamSpec`,
      :class:`typing.ParamSpecArgs`, :class:`typing.ParamSpecKwargs`,
      and :class:`typing.TypeVarTuple` once again support weak
      references, fixing a regression introduced in Python 3.12.0 beta
      1. Patch by Jelle Zijlstra.
    - Detect possible memory allocation failure in the libtommath
      function :c:func:`mp_init` used by the _tkinter module.
    - Fix crash when calling repr with a manually constructed SignalDict
      object. Patch by Charlie Zhao.
    - Change the default return value of
      :meth:`http.client.HTTPConnection.get_proxy_response_headers` to
      be None and not {}.
    - Ensure gettext(msg) retrieve translations even if a plural form
      exists. In other words: gettext(msg) == ngettext(msg, '', 1).
    - Add documentation for :c:type:`PyInterpreterConfig` and
      :c:func:`Py_NewInterpreterFromConfig`. Also clarify some of the
      nearby docs relative to per-interpreter GIL.
    - Document the :mod:`curses` module variables :const:`~curses.LINES`
      and :const:`~curses.COLS`.
    - Add a number of standard external names to nitpick_ignore.
    - Add documentation on how to localize the :mod:`argparse` module.
    - test_logging: Fix test_udp_reconnection() by increasing the
      timeout from 100 ms to 5 minutes (LONG_TIMEOUT). Patch by Victor
      Stinner.
    - test_capi: Fix test_no_FatalError_infinite_loop() to no longer
      write a coredump, by using test.support.SuppressCrashReport. Patch
      by Victor Stinner.
    - Avoid creating a reference to the test object in
      :meth:`~unittest.TestResult.collectedDurations`.
    - Moved tests for zipfile.Path into Lib/test/test_zipfile/_path.
      Made zipfile._path a package.
    - Check for linux/limits.h before including it in
      Modules/posixmodule.c.
    - Detect MPI compilers in :file:`configure`.
    - Add experimental wasi-threads support. Patch by Takashi Yamamoto.
    - Update Windows build to use OpenSSL 3.0.9
    - Update macOS installer to use OpenSSL 3.0.9.
    - Fix bugs in the Argument Clinic destination <name> clear command;
      the destination buffers would never be cleared, and the
      destination directive parser would simply continue to the fault
      handler after processing the command. Patch by Erlend E. Aasland.
    - freeze now fetches CONFIG_ARGS from the original CPython instance
      the Makefile uses to call utility scripts. Patch by Ijtaba
      Hussain.
    - :c:func:`PyModule_AddObjectRef` is now only available in the
      limited API version 3.10 or later.
* Fri Aug 04 2023 Dirk Müller <[email protected]>
  - add externally_managed.in to label this build as PEP-668 managed
* Thu Aug 03 2023 Matej Cepl <[email protected]>
  - IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED!
  - Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941)
    partially reverting CVE-2023-27043-email-parsing-errors.patch,
    because of the regression in gh#python/cpython#106669.
* Tue Jul 11 2023 Matej Cepl <[email protected]>
  - Update to 3.12.0b4:
    - gh-issue-102988: CVE-2023-27043 (bsc#1210638): Prevent
      :func:`email.utils.parseaddr` and
      :func:`email.utils.getaddresses` from returning the realname
      portion of an invalid RFC2822 email header in the email
      address portion of the 2-tuple returned after being parsed by
      :class:`email._parseaddr.AddressList`.
    - gh-issue-106396: When the format specification of an
      f-string expression is empty, the parser now generates an
      empty :class:`ast.JoinedStr` node for it instead of an
      one-element :class:`ast.JoinedStr` with an empty string
      :class:`ast.Constant`.
    - gh-issue-106145: Make ``end_lineno`` and ``end_col_offset``
      required on ``type_param`` ast nodes.
    - gh-issue-105979: Fix crash in :func:`!_imp.get_frozen_object`
      due to improper exception handling.
    - gh-issue-98931: Ensure custom :exc:`SyntaxError` error
      messages are raised for invalid imports with multiple
      targets. Patch by Pablo Galindo
    - gh-issue-105908: Fixed bug where :gh:`99111` breaks future
      import ``barry_as_FLUFL`` in the Python REPL.
    - gh-issue-105340: Include the comprehension iteration
      variable in ``locals()`` inside a module- or class-scope
      comprehension.
    - gh-issue-105486: Change the repr of ``ParamSpec`` list of
      args in ``types.GenericAlias``.
    - gh-issue-101006: Improve error handling when read
      :mod:`marshal` data.
    - gh-issue-106524: Fix crash in :func:`!_sre.template` with
      templates containing invalid group indices.
    - gh-issue-106510: Improve debug output for atomic groups in
      regular expressions.
    - gh-issue-106503: Fix ref cycle in
      :class:`!asyncio._SelectorSocketTransport` by removing
      ``_write_ready`` in ``close``.
    - gh-issue-105497: Fix flag mask inversion when unnamed flags
      exist.
    - gh-issue-90876: Prevent :mod:`multiprocessing.spawn` from
      failing to *import* in environments where ``sys.executable``
      is ``None``.  This regressed in 3.11 with the addition of
      support for path-like objects in multiprocessing.
    - gh-issue-106292: Check for an instance-dict
      cached value in the :meth:`__get__` method of
      :func:`functools.cached_property`. This better matches the
      pre-3.12 behavior and improves compatibility for users
      subclassing :func:`functools.cached_property` and adding a
      :meth:`__set__` method.
    - gh-issue-106330: Fix incorrect matching of empty paths in
      :meth:`pathlib.PurePath.match`. This bug was introduced in
      Python 3.12.0 beta 1.
    - gh-issue-102541: Make pydoc.doc catch bad module ImportError
      when output stream is not None.
    - gh-issue-106152: Added PY_THROW event hook for
      :mod:`cProfile` for generators
    - gh-issue-106075: Added `asyncio.taskgroups.__all__` to
      `asyncio.__all__` for export in star imports.
    - gh-issue-105987: Fix crash due to improper reference counting
      in :mod:`asyncio` eager task factory internal routines.
    - gh-issue-105974: Fix bug where a :class:`typing.Protocol`
      class that had one or more non-callable members would
      raise :exc:`TypeError` when :func:`issubclass` was called
      against it, even if it defined a custom ``__subclasshook__``
      method. The behaviour in Python 3.11 and lower -- which has
      now been restored -- was not to raise :exc:`TypeError` in
      these situations if a custom ``__subclasshook__`` method was
      defined. Patch by Alex Waygood.
    - gh-issue-96145: Reverted addition of ``json.AttrDict``.
    - gh-issue-105497: Fix flag inversion when alias/mask members
      exist.
    - gh-issue-104554: Add RTSPS scheme support in urllib.parse
    - gh-issue-94777: Fix hanging :mod:`multiprocessing`
      ``ProcessPoolExecutor`` when a child process crashes while
      data is being written in the call queue.
    - gh-issue-106232: Make timeit doc command lines compatible
      with Windows by using double quotes for arguments.  This
      works on linux and macOS also.
    - gh-issue-101634: When running the Python test suite with
      ``-jN`` option, if a worker stdout cannot be decoded from
      the locale encoding report a failed testn so the exitcode is
      non-zero. Patch by Victor Stinner.
    - gh-issue-106118: Fix compilation for platforms without
      :data:`!O_CLOEXEC`. The issue was introduced with Python
      3.12b1 in :gh:`103295`. Patch by Erlend Aasland.
    - gh-issue-104692: Include ``commoninstall`` as a prerequisite
      for ``bininstall``
      This ensures that ``commoninstall`` is completed before
      ``bininstall`` is started when parallel builds are used (``make
    - j install``), and so the ``python3`` symlink is only installed
      after all standard library modules are installed.
    - gh-issue-106359: Argument Clinic now explicitly forbids
      "kwarg splats" in function calls used as annotations.
    - gh-issue-105227: The new :c:func:`PyType_GetDict` provides
      the dictionary for the given type object that is normally
      exposed by ``cls.__dict__``. Normally it's sufficient to
      use :c:member:`~PyTypeObject.tp_dict`, but for the static
      builtin types :c:member:`!tp_dict` is now always ``NULL``.
      :c:func:`!PyType_GetDict()` provides the correct dict object
      instead.
* Wed Jun 28 2023 Matej Cepl <[email protected]>
  - Update to 3.12.0b3:
    - gh-103142: The version of OpenSSL used in Windows and
      Mac installers has been upgraded to 1.1.1u to address
      CVE-2023-2650, CVE-2023-0465, CVE-2023-0466, CVE-2023-0464,
      as well as CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303
      fixed previously in 1.1.1t (gh-101727).
    - gh-102153: urllib.parse.urlsplit() now strips leading C0
      control and space characters following the specification for
      URLs defined by WHATWG in response to CVE-2023-24329.
    - gh-99889: Fixed a security in flaw in uu.decode() that could
      allow for directory traversal based on the input if no
      out_file was specified.
    - gh-104049: Do not expose the local on-disk
      location in directory indexes produced by
      http.client.SimpleHTTPRequestHandler.
    - gh-103935: trace.__main__ now uses io.open_code() for files
      to be executed instead of raw open().
    - gh-102953: The extraction methods in tarfile, and
      shutil.unpack_archive(), have a new filter argument that
      allows limiting tar features than may be surprising or
      dangerous, such as creating files outside the destination
      directory. See Extraction filters for details.
  - Remove upstreamed patches:
    - 00398-fix-stack-overwrite-on-32-bit-in-perf-map-test-harness-gh-104811-104823.patch
* Thu Jun 01 2023 Daniel Garcia <[email protected]>
  - Add 00398-fix-stack-overwrite-on-32-bit-in-perf-map-test-harness-gh-104811-104823.patch
    gh#python/cpython#104811
* Wed May 31 2023 Daniel Garcia <[email protected]>
  - Refresh all patches
  - Update to 3.12.0b1:
    Full changelog can be found here
    https://docs.python.org/dev/whatsnew/changelog.html#python-3-12-0-beta-1
* Sun Apr 30 2023 Matej Cepl <[email protected]>
  - Why in the world we download from HTTP?
* Thu Apr 27 2023 Daniel Garcia <[email protected]>
  - Ignore failing test test_freeze_simple_script, it fails because it
    cannot import _sysconfigdata__linux_x86_64-linux-gnu that's not
    present in the test environment, it fails without bundled libs.
  - Remove non existing paths:
    * %{sitedir}/tkinter/test
    * %{sitedir}/sqlite3/test
    * %{dynlib _curses_panel}
* Wed Apr 26 2023 Daniel Garcia <[email protected]>
  - Update to 3.12.0a7:
    Full changelog can be found here
    https://docs.python.org/dev/whatsnew/changelog.html#python-3-12-0-alpha-7
* Mon Mar 27 2023 Matej Cepl <[email protected]>
  - Switch off obsoleting previous interpreters.
* Sat Mar 25 2023 Matej Cepl <[email protected]>
  - Update to 3.12.0a6:
    - Many new features for Python 3.12 are still being planned and
      written. Among the new major new features and changes so far:
    - Even more improved error messages. More exceptions
      potentially caused by typos now make suggestions to the
      user.
    - Support for the Linux perf profiler to report Python
      function names in traces.
    - The deprecated wstr and wstr_length members of the C
      implementation of unicode objects were removed, per PEP
      623.
    - In the unittest module, a number of long deprecated methods
      and classes were removed. (They had been deprecated since
      Python 3.1 or 3.2).
    - The deprecated smtpd and distutils modules have been
      removed (see PEP 594 and PEP 632. The setuptools package
      (installed by default in virtualenvs and many other places)
      continues to provide the distutils module.
    - A number of other old, broken and deprecated functions,
      classes and methods have been removed.
    - Invalid backslash escape sequences in strings now warn
      with SyntaxWarning instead of DeprecationWarning, making
      them more visible. (They will become syntax errors in the
      future.)
    - The internal representation of integers has changed in
      preparation for performance enhancements. (This should not
      affect most users as it is an internal detail, but it may
      cause problems for Cython-generated code.)
  - Add the refreshed version of
    F00251-change-user-install-location.patch (updated from
    Fedora), which works together with the installation schemes in
    sysconfig.
  - Remove distutils-reproducible-compile.patch, which is not
    applicable anymore (because distutils was removed from the
    standard library).
  - Remove upstreamed support-expat-CVE-2022-25236-patched.patch
* Fri Mar 03 2023 Matej Cepl <[email protected]>
  - Update to 3.11.2:
    Bug fixes, no changes in API and no security bugs.
* Wed Mar 01 2023 Matej Cepl <[email protected]>
  - Add python310 Obsoletes line to obsolete_python_versioned macro.
* Tue Feb 21 2023 Matej Cepl <[email protected]>
  - Add provides for readline and sqlite3 to the main Python
    package.
* Thu Jan 26 2023 Thorsten Kukuk <[email protected]>
  - Disable NIS for new products, it's deprecated and gets removed
* Tue Jan 24 2023 Dirk Müller <[email protected]>
  - build GLIBC hwcaps optimized versions of the interpreter
* Tue Jan 10 2023 Matej Cepl <[email protected]>
  - Don't fail on Sphinx build warnings.
  - For jsc#PED-1570, providing Python 3.11 for SLE-15-SP5.
* Thu Dec 08 2022 Matej Cepl <[email protected]>
  - Update to 3.11.1:
    - python -m http.server no longer allows terminal control
      characters sent within a garbage request to be printed
      to the stderr server lo This is done by changing the
      http.server BaseHTTPRequestHandler .log_message method to
      replace control characters with a \xHH hex escape before
      printin
    - Avoid publishing list of active per-interpreter audit hooks
      via the gc module
    - The IDNA codec decoder used on DNS hostnames by socket or
      asyncio related name resolution functions no longer involves
      a quadratic algorithm. This prevents a potential CPU denial
      of service if an out-of-spec excessive length hostname
      involving bidirectional characters were decoded. Some
      protocols such as urllib http 3xx redirects potentially allow
      for an attacker to supply such a name (CVE-2022-45061).
    - Update bundled libexpat to 2.5.0
    - Fix a shell code injection vulnerability in the
      get-remote-certificate.py example script. The script no
      longer uses a shell to run openssl commands. Issue reported
      and initial fix by Caleb Shortt. Patch by Victor Stinner.
    - Fix a crash when an object which does not have a dictionary
      frees its instance values.
    - Fix a bug in the tokenizer that could cause infinite
      recursion when showing syntax warnings that happen in the
      first line of the source. Patch by Pablo Galindo
    - Fix an issue that could cause frames to be visible to Python
      code as they are being torn down, possibly leading to memory
      corruption or hard crashes of the interpreter.
    - Fix a reference bug in _imp.create_builtin() after the
      creation of the first sub-interpreter for modules builtins
      and sys. Patch by Victor Stinner.
    - Fixed a bug that was causing a buffer overflow if the
      tokenizer copies a line missing the newline caracter from a
      file that is as long as the available tokenizer buffer. Patch
      by Pablo galindo
    - Fix bug where an ExceptionGroup subclass can wrap a
      BaseException.
    - Fix zip path for venv created from a non-installed python on
      POSIX platforms.
    - Fix an issue that could potentially cause incorrect error
      handling for some bytecode instructions.
    - Fix an issue that prevented PyThreadState and
      PyInterpreterState memory from being freed properly.
    - Fix failure in except* with unhashable exceptions.
    - Fix calculation of sys._base_executable when inside a POSIX
      virtual environment using copies of the python binary when
      the base installation does not provide the executable name
      used by the venv. Calculation will fall back to alternative
      names (“python<MAJOR>”, “python<MAJOR>.<MINOR>”).
    - Update faulthandler to emit an error message with the proper
      unexpected signal number. Patch by Dong-hee Na.
    - Fix location of SyntaxError for a try block with both except
      and except*.
    - Fix the error reporting positions of specialized traceback
      anchors when the source line contains Unicode characters.
    - Fix subscription of type aliases containing bare generic
      types or types like TypeVar: for example tuple[A, T][int] and
      tuple[TypeVar, T][int], where A is a generic type, and T is a
      type variable.
    - Lower the recursion depth for marshal on WASI to support
      wasmtime 2.0/main.
    - Fix multiple crashes in debug mode when str subclasses are
      used instead of str itself.
    - Fix an issue where member descriptors (such as those for
      __slots__) could behave incorrectly or crash instead of
      raising a TypeError when accessed via an instance of an
      invalid type.
    - Suppress ImportError for invalid query for help()
      command. Patch by Dong-hee Na.
    - Fix detection of MAC addresses for uuid on certain OSs. Patch
      by Chaim Sanders
    - Print exception class name instead of its string
      representation when raising errors from ctypes calls.
    - os.sched_yield() now release the GIL while calling
      sched_yield(2). Patch by Dong-hee Na.
    - Fix an issue that could delay the specialization of PRECALL
      instructions.
    - Bugfix: PyFunction_GetAnnotations() should return a borrowed
      reference. It was returning a new reference.
    - Ensure that all Python frame objects are backed by “complete”
      frames.
    - Fixed a missing incref/decref pair in
      Exception.__setstate__(). Patch by Ofey Chan.
    - Fix the Python path configuration used to initialized
      sys.path at Python startup. Paths are no longer encoded
      to UTF-8/strict to avoid encoding errors if it contains
      surrogate characters (bytes paths are decoded with the
      surrogateescape error handler). Patch by Victor Stinner.
    - Fix overly-broad source position information for chained
      comparisons used as branching conditions.
    - At Python exit, sometimes a thread holding the GIL can
      wait forever for a thread (usually a daemon thread) which
      requested to drop the GIL, whereas the thread already
      exited. To fix the race condition, the thread which requested
      the GIL drop now resets its request before exiting. Issue
      discovered and analyzed by Mingliang ZHAO. Patch by Victor
      Stinner.
    - Fix a possible assertion failure, fatal error, or SystemError
      if a line tracing event raises an exception while opcode
      tracing is enabled.
    - Fix undefined behaviour in C code of null pointer arithmetic.
    - Make sure that all frame objects created are created from
      valid interpreter frames. Prevents the possibility of invalid
      frames in backtraces and signal handlers.
    - Disable incorrect pickling of the C implemented classmethod
      descriptors.
    - On WASI ENOTCAPABLE is now mapped to PermissionError. The
      errno modules exposes the new error number. getpath.py now
      ignores PermissionError when it cannot open landmark files
      pybuilddir.txt and pyenv.cfg.
    - Allow pdb to locate source for frozen modules in the standard
      library.
    - Raise ValueError instead of SystemError when methods of
      uninitialized io.IncrementalNewlineDecoder objects are
      called. Patch by Oren Milman.
    - Fix a possible assertion failure in io.FileIO when the opener
      returns an invalid file descriptor.
    - Also escape s in the http.server
      BaseHTTPRequestHandler.log_message so that it is technically
      possible to parse the line and reconstruct what the original
      data was. Without this a xHH is ambiguious as to if it is a
      hex replacement we put in or the characters r”x” came through
      in the original request line.
    - asyncio.get_event_loop() now only emits a deprecation warning
      when a new event loop was created implicitly. It no longer
      emits a deprecation warning if the current event loop was
      set.
    - Fix bug when calling trace.CoverageResults with valid infile.
    - Fix a bug in handling class cleanups in
      unittest.TestCase. Now addClassCleanup() uses separate lists
      for different TestCase subclasses, and doClassCleanups() only
      cleans up the particular class.
    - Release the GIL when calling termios APIs to avoid blocking
      threads.
    - Fix ast.increment_lineno() to also cover ast.TypeIgnore when
      changing line numbers.
    - Fix bug in urllib.parse.urlparse() that causes URL schemes
      that begin with a digit, a plus sign, or a minus sign to be
      parsed incorrectly.
    - Check the number of arguments in substitution in user
      generics containing a TypeVarTuple and one or more TypeVar.
    - Fix substitution of ParamSpec followed by TypeVarTuple in
      generic aliases.
    - Fix substitution of TypeVarTuple and ParamSpec together in
      user generics.
    - Fixed bug where inspect.signature() reported incorrect
      arguments for decorated methods.
    - Fix SystemError in ctypes when exception was not set during
      __initsubclass__.
    - Remove older version of
      _SSLProtocolTransport.get_write_buffer_limits in
      asyncio.sslproto
    - fix negative numbers failing in verify()
    - Fix statistics.NormalDist pickle with 0 and 1 protocols.
    - enum.auto() is now correctly activated when combined with
      other assignment values. E.g. ONE = auto(), 'some text' will
      now evaluate as (1, 'some text').
    - Update the bundled copy of pip to version 22.3.1.
    - Clean up refleak on failed module initialisation in _zoneinfo
    - Clean up refleaks on failed module initialisation in in
      _pickle
    - Clean up refleak on failed module initialisation in _io.
    - Fix memory leak in math.dist() when both points don’t have
      the same dimension. Patch by Kumar Aditya.
    - [3.11] Applied changes from importlib_metadata 4.11.4
      through 4.13, including compatibility and robustness
      fixes for Distribution objects without _normalized_name,
      disallowing invalid inputs to Distribution.from_name, and
      refined behaviors in PathDistribution._name_from_stem and
      PathDistribution._normalized_name.
    - Fix argument typechecks in _overlapped.WSAConnect() and
      _overlapped.Overlapped.WSASendTo() functions.
    - Prevent crashing in traceback when retrieving the byte-offset
      for some source files that contain certain unicode
      characters.
    - Fix internal error in the re module which in very rare
      circumstances prevented compilation of a regular expression
      containing a conditional expression without the “else”
      branch.
    - Fix asyncio.StreamWriter.drain() to call
      protocol.connection_lost callback only once on Windows.
    - Add a mutex to unittest.mock.NonCallableMock to protect
      concurrent access to mock attributes.
    - Fix hang on Windows in subprocess.wait_closed() in asyncio
      with ProactorEventLoop. Patch by Kumar Aditya.
    - Fix infinite loop in unittest when a self-referencing chained
      exception is raised
    - tkinter.Text.count() raises now an exception for options
      starting with “-” instead of silently ignoring them.
    - On uname_result, restored expectation that _fields and
      _asdict would include all six properties including processor.
    - A createSocket() method was added to SysLogHandler.
    - Fix bug in urllib.parse.urlparse() that causes certain port
      numbers containing whitespace, underscores, plus and minus
      signs, or non-ASCII digits to be incorrectly accepted.
    - Allow venv to pass along PYTHON* variables to ensurepip and
      pip when they do not impact path resolution
    - On macOS, fix a crash in syslog.syslog() in multi-threaded
      applications. On macOS, the libc syslog() function is not
      thread-safe, so syslog.syslog() no longer releases the GIL to
      call it. Patch by Victor Stinner.
    - Allow BUILTINS to be a valid field name for frozen
      dataclasses.
    - Wrap network errors consistently in urllib FTP support, so
      the test suite doesn’t fail when a network is available but
      the public internet is not reachable.
    - Make sure patch.dict() can be applied on async functions.
    - Earlier in 3.11 we deprecated
      asyncio.Task.cancel("message"). We realized we were too
      harsh, and have undeprecated it.
    - Change deprecate warning message in unittest from It is
      deprecated to return a value!=None to It is deprecated to
      return a value that is not None from a test case
    - Fixes AttributeError when subprocess.check_output() is used
      with argument input=None and either of the arguments encoding
      or errors are used.
    - Fix is_private properties in the ipaddress module. Previously
      non-private networks (0.0.0.0/0) would return True from this
      method; now they correctly return False.
    - Avoid spurious tracebacks from asyncio when default executor
      cleanup is delayed until after the event loop is closed (e.g.
      as the result of a keyboard interrupt).
    - Avoid a crash in the C version of
      asyncio.Future.remove_done_callback() when an evil argument
      is passed.
    - Remove tokenize.NL check from tabnanny.
    - Fix generation of the default name of
      tkinter.Checkbutton. Previously, checkbuttons in different
      parent widgets could have the same short name and share
      the same state if arguments “name” and “variable” are not
      specified. Now they are globally unique.
    - Update bundled libexpat to 2.4.9
    - Fix race condition in asyncio where process_exited() called
      before the pipe_data_received() leading to inconsistent
      output. Patch by Kumar Aditya.
    - Fixed check in multiprocessing.resource_tracker that
      guarantees that the length of a write to a pipe is not
      greater than PIPE_BUF.
    - Corrected type annotation for dataclass attribute
      pstats.FunctionProfile.ncalls to be str.
    - Fix repr of Any subclasses.
    - Work around missing socket functions in socket’s __repr__.
    - In inspect, fix overeager replacement of “typing.” in
      formatting annotations.
    - Fix handling of bytes path-like objects in os.ismount().
    - Fix handling compiler warnings (SyntaxWarning and
      DeprecationWarning) in codeop.compile_command() when checking
      for incomplete input. Previously it emitted warnings and
      raised a SyntaxError. Now it always returns None for
      incomplete input without emitting any warnings.
    - To avoid apparent memory leaks when asyncio.open_connection()
      raises, break reference cycles generated by local exception
      and future instances (which has exception instance as its
      member var). Patch by Dong Uk, Kang.
    - Fixed flickering of the turtle window when the tracer is
      turned off. Patch by Shin-myoung-serp.
    - Fix asyncio subprocess transport to kill process cleanly
      when process is blocked and avoid RuntimeError when loop is
      closed. Patch by Kumar Aditya.
    - Prevent error when activating venv in nested fish instances.
    - TarFile.next() now returns None when called on an empty
      tarfile.
    - Document the optional callback parameter of WeakMethod. Patch
      by Géry Ogam.
    - Restrict use of sockets instead of pipes for stdin of
      subprocesses created by asyncio to AIX platform only.
    - shutil.copytree() now applies the ignore_dangling_symlinks
      argument recursively.
    - Fix IndexError in argparse.ArgumentParser when a store_true
      action is given an explicit argument.
    - Document that calling variadic functions with ctypes requires
      special care on macOS/arm64 (and possibly other platforms).
    - Remove extra row
    - Clarified the conflicting advice given in the ast
      documentation about ast.literal_eval() being “safe” for use
      on untrusted input while at the same time warning that it
      can crash the process. The latter statement is true and is
      deemed unfixable without a large amount of work unsuitable
      for a bugfix. So we keep the warning and no longer claim that
      literal_eval is safe.
    - Restructured the documentation for the os.wait* family of
      functions, and improved the docs for os.waitid() with more
      explanation of the possible argument constants.
    - Skip test_normalization() of test_unicodedata if it
      fails to download NormalizationTest.txt file from
      pythontest.net. Patch by Victor Stinner.
    - Correct test_marsh on (32 bit) x86: test_deterministic sets
      was failing.
    - Optional big memory tests in test_sqlite3 now catch the
      correct sqlite.DataError exception type in case of too large
      strings and/or blobs passed.
    - Fix a bug in the typing tests where a test relying
      on CPython-specific implementation details was not
      decorated with @cpython_only and was not skipped on other
      implementations.
    - Add tests for star-unpacking with PEP 646, and some other
      miscellaneous PEP 646 tests.
    - Added explicit coverage of Py_Initialize (and hence
      Py_InitializeEx) back to the embedding tests (all other
      embedding tests migrated to Py_InitializeFromConfig in Python
      3.11)
    - Some C API tests were moved into the new Lib/test/test_capi/
      directory.
    - Fix -Wimplicit-int, -Wstrict-prototypes, and
    - Wimplicit-function-declaration compiler warnings in
      configure checks.
    - Fix a compilation issue with GCC 12 on macOS.
    - Fix -Wimplicit-int compiler warning in configure check for
      PTHREAD_SCOPE_SYSTEM.
    - Fix a possible fd leak in Programs/_freeze_module.c
      introduced in Python 3.11.
    - Fix build with PYTHON_FOR_REGEN=python3.8.
    - Specify the full path to the source location for make
      docclean (needed for cross-builds).
    - Don’t use vendored libmpdec headers if --with-system-libmpdec
      is passed to configure. Don’t use vendored libexpat headers
      if --with-system-expat is passed to !configure.
    - Fix the build process of clang compiler for _bootstrap_python
      if LTO optimization is applied. Patch by Matthias Görgens and
      Dong-hee Na.
    - wasm32-emscripten builds for browsers now include
      concurrent.futures for asyncio and unittest.mock.
    - wasm32-emscripten platform no longer builds resource module,
      getresuid(), getresgid(), and their setters. The APIs are
      stubs and not functional.
    - Updated pegen regeneration script on Windows to find and
      use Python 3.9 or higher. Prior to this, pegen regeneration
      already required 3.9 or higher, but the script may have used
      lower versions of Python.
    - Fix a bug in the previous bugfix that caused IDLE to
      not start when run with 3.10.8, 3.12.0a1, and at least
      Microsoft Python 3.10.2288.0 installed without the Lib/test
      package. 3.11.0 was never affected.
    - The wasm_build.py script now pre-builds Emscripten ports,
      checks for broken EMSDK versions, and warns about pkg-config
      env vars.
    - The new tool Tools/wasm/wasm_builder.py automates configure,
      compile, and test steps for building CPython on WebAssembly
      platforms.
    - Fix handling of module docstrings in Tools/i18n/pygettext.py.
    - PyBUF_* constants were marked as part of Limited API
      of Python 3.11+. These were available in 3.11.0 with
      Py_LIMITED_API defined for 3.11, and are necessary to use the
      buffer API.
    - Fix use-after-free in Py_SetPythonHome(NULL),
      Py_SetProgramName(NULL) and _Py_SetProgramFullPath(NULL)
      function calls. Issue reported by Benedikt Reinartz. Patch by
      Victor Stinner.
    - Py_InitializeEx now correctly calls PyConfig_Clear after
      initializing the interpreter (the omission didn’t cause a
      memory leak only because none of the dynamically allocated
      config fields are populated by the wrapper function)
  - Removed upstreamed patches:
    - 98437-sphinx.locale._-as-gettext-in-pyspecific.patch
    - CVE-2022-45061-DoS-by-IDNA-decode.patch
* Wed Nov 09 2022 Matej Cepl <[email protected]>
  - Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid
    CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding
    extremely long domain names.
* Tue Oct 25 2022 Matej Cepl <[email protected]>
  - Update to 3.11.0 (overall changes from 3.10.*):
    - General changes
    - PEP 657 -- Include Fine-Grained Error Locations in
      Tracebacks
    - PEP 654 -- Exception Groups and except*
    - PEP 680 -- tomllib: Support for Parsing TOML in the
      Standard Library
    - gh-90908 -- Introduce task groups to asyncio
    - gh-34627 -- Atomic grouping ((?>...)) and possessive
      quantifiers (*+, ++, ?+, {m,n}+) are now supported in
      regular expressions.
    - The Faster CPython Project is already yielding some
      exciting results. Python 3.11 is up to 10-60% faster than
      Python 3.10. On average, we measured a 1.22x speedup on the
      standard benchmark suite. See Faster CPython for details.
    - Typing and typing language changes
    - PEP 673 -- Self Type
    - PEP 646 -- Variadic Generics
    - PEP 675 -- Arbitrary Literal String Type
    - PEP 655 -- Marking individual TypedDict items as required
      or potentially-missing
    - PEP 681 -- Data Class Transforms
  - (just changes from 3.11.0rc2):
    - Fix multiplying a list by an integer (list *= int): detect
      the integer overflow when the new allocated length is close
      to the maximum size. Issue reported by Jordan Limor. Patch by
      Victor Stinner.
    - On Linux the multiprocessing module returns to using
      filesystem backed unix domain sockets for communication
      with the forkserver process instead of the Linux abstract
      socket namespace. Only code that chooses to use the
      “forkserver” start method is affected. Abstract sockets have
      no permissions and could allow any user on the system in the
      same network namespace (often the whole system) to inject
      code into the multiprocessing forkserver process. This was
      a potential privilege escalation. Filesystem based socket
      permissions restrict this to the forkserver process user as
      was the default in Python 3.8 and earlier. This prevents
      Linux CVE-2022-42919.
    - Fix an issue where several frame objects could be backed by
      the same interpreter frame, possibly leading to corrupted
      memory and hard crashes of the interpreter.
    - Fix possible data corruption or crashes when accessing the
      f_back member of newly-created generator or coroutine frames.
    - Fix a crash occurring when PyEval_GetFrame() is called while
      the topmost Python frame is in a partially-initialized state.
    - Fix command line parsing: reject -X int_max_str_digits option
      with no value (invalid) when the PYTHONINTMAXSTRDIGITS
      environment variable is set to a valid limit. Patch by Victor
      Stinner.
    - Fix undefined behaviour in _testcapimodule.c.
    - When ValueError is raised if an integer is larger than the
      limit, mention the sys.set_int_max_str_digits() function in
      the error message. Patch by Victor Stinner.
    - Correctly raise SyntaxError on exception groups (PEP 654) on
      python versions prior to 3.11
    - Document some places where an assignment expression needs
      parentheses.
    - Update the bundled copies of pip and setuptools to versions
      22.3 and 65.5.0 respectively.
    - fix Flag to use boundary CONFORM
    - This restores previous Flag behavior of allowing flags with
      non-sequential values to be combined; e.g.
    - class Skip(Flag): TWO = 2 EIGHT = 8
    - Skip.TWO | Skip.EIGHT -> <Skip.TWO|EIGHT: 10>
    - Fix ! in c domain ref target syntax via a conf.py patch, so
      it works as intended to disable ref target resolution.
    - Update tutorial introduction output to use 3.10+ SyntaxError
      invalid range.
* Fri Oct 21 2022 Matej Cepl <[email protected]>
  - Add 98437-sphinx.locale._-as-gettext-in-pyspecific.patch to
    allow building of documentation with the latest Sphinx 5.3.0
    (gh#python/cpython#98366).
* Thu Sep 15 2022 Matej Cepl <[email protected]>
  - Update to 3.11.0rc2:
    - Converting between int and str in bases other than 2
      (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base
      10 (decimal) now raises a ValueError if the number of digits
      in string form is above a limit to avoid potential denial of
      service attacks due to the algorithmic complexity. This is
      a mitigation for CVE-2020-10735.
      This new limit can be configured or disabled by environment
      variable, command line flag, or sys APIs. See the integer
      string conversion length limitation documentation. The
      default limit is 4300 digits in string form.
    - Fix case of undefined behavior in ceval.c
    - Do not expose KeyWrapper in _functools.
    - Ensure that tracing, sys.setrace(), is turned on
      immediately. In pre-release versions of 3.11, some tracing
      events might have been lost when turning on tracing in a
      __del__ method or interrupt.
    - Fix use after free in trace refs build mode. Patch by Kumar
      Aditya.
    - When loading a file with invalid UTF-8 inside a multi-line
      string, a correct SyntaxError is emitted.
    - Make sure that incomplete frames do not show up in
      tracemalloc traces.
    - Remove two cases of undefined behavior, by adding NULL
      checks.
    - Fix possible NULL pointer dereference in
      _PyThread_CurrentFrames. Patch by Kumar Aditya.
    - Fix AttributeError missing name and obj attributes in
      object.__getattribute__(). Patch by Philip Georgi.
    - Loading a file with invalid UTF-8 will now report the broken
      character at the correct location.
    - Fixed a bug that caused _PyCode_GetExtra to return garbage
      for negative indexes. Patch by Pablo Galindo
    - Fix a deadlock in PyGILState_Ensure() when allocating new
      thread state. Patch by Kumar Aditya.
    - PyType_Ready() now initializes ht_cached_keys and performs
      additional checks to ensure that type objects are properly
      configured. This avoids crashes in 3rd party packages that
      don’t use regular API to create new types.
    - Skip over incomplete frames in PyThreadState_GetFrame().
    - Fix format string in _PyPegen_raise_error_known_location that
      can lead to memory corruption on some 64bit systems. The
      function was building a tuple with i (int) instead of n
      (Py_ssize_t) for Py_ssize_t arguments.
    - Fix misleading contents of error message when converting an
      all-whitespace string to float.
    - ast.parse() will no longer parse function definitions with
      positional-only params when passed feature_version less than
      (3, 8). Patch by Shantanu Jain.
    - Fix incorrect error message in the io module.
    - Fix the faulthandler implementation of
      faulthandler.register(signal, chain=True) if the sigaction()
      function is not available: don’t call the previous signal
      handler if it’s NULL. Patch by Victor Stinner.
    - Correct conversion of numbers.Rational’s to float.
    - Fix TypeVarTuple.__typing_prepare_subst__. TypeError was not
      raised when using more than one TypeVarTuple, like [*T, *V]
      in type alias substitutions.
    - Fix asyncio.streams.StreamReaderProtocol to keep a strong
      reference to the created task, so that it’s not garbage
      collected
    - Fix a performance regression in logging
      TimedRotatingFileHandler. Only check for special files when
      the rollover time has passed.
    - Fix unused localName parameter in the Attr class in
      xml.dom.minidom.
    - Fix incorrect condition that causes sys.thread_info.name to
      be wrong on pthread platforms.
    - Remove an incompatible change from bpo-28080 that caused a
      regression that ignored the utf8 in ZipInfo.flag_bits. Patch
      by Pablo Galindo.
    - Fix asyncio.Runner to call asyncio.set_event_loop() only
      once to avoid calling attach_loop() multiple times on child
      watchers. Patch by Kumar Aditya.
    - Fix unittest.IsolatedAsyncioTestCase to set event loop before
      calling setup functions. Patch by Kumar Aditya.
    - When a task catches asyncio.CancelledError and raises some
      other error, the other error should generally not silently be
      suppressed.
    - Fail gracefully if EPERM or ENOSYS is raised when loading
      crypt methods. This may happen when trying to load MD5 on a
      Linux kernel with FIPS enabled.
    - Allow asyncio.StreamWriter.drain() to be awaited concurrently
      by multiple tasks. Patch by Kumar Aditya.
    - Fix ast.unparse() when ImportFrom.level is None
    - Improve discoverability of the higher level
      concurrent.futures module by providing clearer links from the
      lower level threading and multiprocessing modules.
    - What’s New 3.11 now has instructions for how to provide
      compiler and linker flags for Tcl/Tk and OpenSSL on RHEL 7
      and CentOS 7.
    - Mitigate the inherent race condition from using
      find_unused_port() in testSockName() by trying to find an
      unused port a few times before failing. Patch by Ross Burton.
    - Build and test with OpenSSL 1.1.1q
  - Use support-expat-CVE-2022-25236-patched.patch from the current
    version of gh#python/cpython#93900 instead of the old
    support-expat-245.patch.
  - Reapply fix_configure_rst.patch.
* Mon Sep 05 2022 Andreas Schwab <[email protected]>
  - Increase testsuite timeout for test_freeze_simple_script
* Sat Aug 20 2022 Matej Cepl <[email protected]>
  - fix import_failed.map to refer to the python 3.11 package versions
* Sat Aug 20 2022 Matej Cepl <[email protected]>
  - Update to 3.11.0rc1:
    - Core and Builtins
    - Update code object hashing and equality to consider all
      debugging and exception handling tables. This fixes an
      issue where certain non-identical code objects could be
      “deduplicated” during compilation.
    - _PyPegen_Parser_New now properly detects token memory
      allocation errors. Patch by Honglin Zhu.
    - Run Python code in tracer/profiler function at full
      speed. Fixes slowdown in earlier versions of 3.11.
    - Emit a warning in debug mode if an object does not call
      PyObject_GC_UnTrack() before deallocation. Patch by Pablo
      Galindo.
    - Prevented crashes in the AST constructor when
      compiling some absurdly long expressions like
      "+0"*1000000. RecursionError is now raised instead. Patch
      by Pablo Galindo
    - ast.AST node positions are now validated when provided to
      compile() and other related functions. If invalid positions
      are detected, a ValueError will be raised.
    - Fix error detection in some builtin functions when keyword
      argument name is an instance of a str subclass with
      overloaded __eq__ and __hash__. Previously it could cause
      SystemError or other undesired behavior.
    - Library
    - Update bundled pip to 22.2.2.
    - Fix asyncio.TaskGroup to propagate exception when
      asyncio.CancelledError was replaced with another exception
      by a context manger. Patch by Kumar Aditya and Guido van
      Rossum.
    - Update bundled pip to 22.2.1.
    - Fix GC crash when deallocating _lsprof.Profiler by
      untracking it before calling any callbacks. Patch by Kumar
      Aditya.
    - Fix asyncio.run() for asyncio.Task implementations without
      uncancel() method. Patch by Kumar Aditya.
    - Fix check for existence of os.EFD_CLOEXEC, os.EFD_NONBLOCK
      and os.EFD_SEMAPHORE flags on older kernel versions where
      these flags are not present. Patch by Kumar Aditya.
    - Fix concurrent.futures.Executor.map() to cancel the
      currently waiting on future on an error - e.g. TimeoutError
      or KeyboardInterrupt.
    - Ensure that timeouts scheduled with asyncio.Timeout that
      have already expired are delivered promptly.
    - Suppress writing an XML declaration in open files
      in ElementTree.write() with encoding='unicode' and
      xml_declaration=None.
    - Fix findtext in the xml module to only give an empty string
      when the text attribute is set to None.
    - Documentation
    - Fix stylesheet not working in Windows CHM htmlhelp docs
      and add warning that they are deprecated. Contributed by
      C.A.M. Gerlach.
    - Update library documentation with availability information
      on WebAssembly platforms wasm32-emscripten and wasm32-wasi.
    - Use consistent syntax for platform availability. The
      directive now supports a content body and emits a warning
      when it encounters an unknown platform.
    - Document a limitation in ThreadPoolExecutor where its exit
      handler is executed before any handlers in atexit.
    - Tests
    - Lib/test/test_asyncio/test_ssl.py exposed a bug in the
      macOS kernel where intense concurrent load on non-blocking
      sockets occasionally causes errno.ENOBUFS (“No buffer space
      available”) to be emitted. FB11063974 filed with Apple, in
      the mean time as a workaround buffer size used in tests on
      macOS is decreased to avoid intermittent failures. Patch by
      Fantix King.
    - Fix problem with test_ssl test_get_ciphers on systems that
      require perfect forward secrecy (PFS) ciphers.
    - Add a regression test for re exponentional slowdown when
      using rjsmin.
    - Build
    - Fix a regression in configure script that caused some
      header checks to ignore custom CPPFLAGS. The regression was
      introduced in gh-94802.
    - wasm32-wasi builds no longer depend on WASIX’s pthread
      stubs. Python now has its own stubbed pthread API.
    - Python now detects missing dup function in WASI and works
      around some missing errno, select, and socket constants.
    - Python now skips missing socket functions and methods on
      WASI. WASI can only create sockets from existing fd /
      accept and has no netdb.
    - Platforms wasm32-unknown-emscripten and wasm32-unknown-wasi
      have been promoted to PEP 11 tier 3 platform support.
    - IDLE
    - Document handling of extensions in Save As dialogs.
    - Include prompts when saving Shell (interactive input and
      output).
    - Fix the Shell context menu copy-with-prompts bug of copying
      an extra line when one selects whole lines.
    - In the Edit menu, move Select All and add a new separator.
    - Enable using IDLE’s module browser with .pyw files.
    - Add .pyi as a recognized extension for IDLE on macOS. This
      allows opening stub files by double clicking on them in the
      Finder.
    - C API
    - Restore the 3.10 behavior for multiple inheritance of C
      extension classes that store their dictionary at the end of
      the struct.
    - Added PyCode_GetVarnames(), PyCode_GetCellvars() and
      PyCode_GetFreevars() for accessing co_varnames, co_cellvars
      and co_freevars respectively via the C API.
* Tue Jul 26 2022 Matej Cepl <[email protected]>
  - Update to 3.11.0b5:
    - Core and Builtins
    - gh-93351: ast.AST node positions are now validated when
      provided to compile() and other related functions. If
      invalid positions are detected, a ValueError will be
      raised.
    - gh-94438: Fix an issue that caused extended opcode
      arguments and some conditional pops to be ignored when
      calculating valid jump targets for assignments to the
      f_lineno attribute of frame objects. In some cases, this
      could cause inconsistent internal state, resulting in a
      hard crash of the interpreter.
    - gh-95060: Undocumented PyCode_Addr2Location function now
      properly returns when addrq argument is less than zero.
    - gh-95113: Replace all EXTENDED_ARG_QUICK instructions
      with basic EXTENDED_ARG instructions in unquickened
      code. Consumers of non-adaptive bytecode should be able to
      handle extended arguments the same way they were handled in
      CPython 3.10 and older.
    - gh-91409: Fix incorrect source location info caused by
      certain optimizations in the bytecode compiler.
    - gh-94036: Fix incorrect source location info for some
      multi-line attribute accesses and method calls.
    - gh-94739: Allow jumping within, out of, and across
      exception handlers in the debugger.
    - gh-94949: ast.parse() will no longer parse parenthesized
      context managers when passed feature_version less than (3,
      9). Patch by Shantanu Jain.
    - gh-94947: ast.parse() will no longer parse assignment
      expressions when passed feature_version less than (3,
      8). Patch by Shantanu Jain.
    - gh-91256: Ensures the program name is known for help text
      during interpreter startup.
    - gh-94869: Fix the column offsets for some expressions in
      multi-line f-strings ast nodes. Patch by Pablo Galindo.
    - gh-94822: Fix an issue where lookups of metaclass
      descriptors may be ignored when an identically-named
      attribute also exists on the class itself.
    - gh-91153: Fix an issue where a bytearray item assignment
      could crash if it’s resized by the new value’s __index__()
      method.
    - gh-90699: Fix reference counting bug in
      bool.__repr__(). Patch by Kumar Aditya.
    - Library
    - gh-95087: Fix IndexError in parsing invalid date in the
      email module.
    - gh-95199: Upgrade bundled setuptools to 63.2.0.
    - gh-95194: Upgrade bundled pip to 22.2.
    - gh-95132: Fix a sqlite3 regression where *args and **kwds
      were incorrectly relayed from connect() to the Connection
      factory. The regression was introduced in 3.11a1 with PR
      24421 (gh-85128). Patch by Erlend E. Aasland.`
    - gh-93157: Fix fileinput module didn’t support errors option
      when inplace is true.
    - gh-95105: wsgiref.types.InputStream.__iter__() should
      return Iterator[bytes], not Iterable[bytes]. Patch by
      Shantanu Jain.
    - gh-94857: Fix refleak in
      _io.TextIOWrapper.reconfigure. Patch by Kumar Aditya.
    - gh-94821: Fix binding of unix socket to empty address
      on Linux to use an available address from the abstract
      namespace, instead of “0”.
    - gh-89988: Fix memory leak in pickle.Pickler when looking up
      dispatch_table. Patch by Kumar Aditya.
    - bpo-47025: Drop support for bytes on sys.path.
    - Tests
    - gh-95212: Make multiprocessing test case
      test_shared_memory_recreate parallel-safe.
    - Build
    - gh-94847: Fixed _decimal module build issue on GCC when
      compiling with LTO and pydebug. Debug builds no longer
      force inlining of functions.
    - gh-94841: Fix the possible performance regression of
      PyObject_Free() compiled with MSVC version 1932.
    - gh-94801: configure now uses custom flags like ZLIB_CFLAGS
      and ZLIB_LIBS when searching for headers and libraries.
    - gh-94773: deepfreeze.py now supports code object with
      frozensets that contain incompatible, unsortable types.
    - C API
    - gh-94930: Fix SystemError raised when
      PyArg_ParseTupleAndKeywords() is used with # in (...) but
      without PY_SSIZE_T_CLEAN defined.
    - gh-94864: Fix PyArg_Parse* with deprecated format units “u”
      and “Z”. It returned 1 (success) when warnings are turned
      into exceptions.
    - gh-94731: Python again uses C-style casts for
      most casting operations when compiled with
      C++. This may trigger compiler warnings, if they
      are enabled with e.g. -Wold-style-cast `` or
      ``-Wzero-as-null-pointer-constant options for g++.
* Thu Jul 21 2022 Matej Cepl <[email protected]>
  - Switch from %primary_interpreter to prjconf-defined
    %primary_python (gh#openSUSE/python-rpm-macros#127).
* Thu Jul 14 2022 Matej Cepl <[email protected]>
  - Update to 3.11.0b4:
  - Fixes many bugs and adds following more significant changes
  - Security
    - gh-68966: The deprecated mailcap module now refuses to inject
      Coreunsafe text (filenames, MIME types, parameters) into
      shell Corecommands. Instead of using such text, it will
      warn and act Coreas if a match was not found (or for test
      commands, as if the Coretest failed). and Builtins
    - gh-93516: Lazily create a table mapping bytecode offsets to
      line numbers to speed up calculation of line numbers when
      tracing.
    - gh-93461: importlib.invalidate_caches() now drops entries
      from sys.path_importer_cache with a relative path as
      name. This solves a caching issue when a process changes its
      current working directory.
    - FileFinder no longer inserts a dot in the path, e.g.
      /egg/./spam is now /egg/spam.
    Library
    - gh-93896: Fix asyncio.run() and
      unittest.IsolatedAsyncioTestCase to always the set event loop
      as it was done in Python 3.10 and earlier. Patch by Kumar
      Aditya.
    - gh-94101: Manual instantiation of ssl.SSLSession objects is
      no longer allowed as it lead to misconfigured instances that
      crashed the interpreter when attributes where accessed on
      them.
    - gh-83658: Make multiprocessing.Pool raise an exception if
      maxtasksperchild is not None or a positive int.
    - gh-61162: Clarify sqlite3 behavior when Using the connection
      as a context manager.
    Tools/Demos
    - gh-94538: Fix Argument Clinic output to custom file
      destinations. Patch by Erlend E. Aasland.
    C API
    - gh-93937: The following frame functions and type are now
      directly available with #include <Python.h>, it’s no longer
      needed to add #include <frameobject.h>:
      PyFrame_Check()
      PyFrame_GetBack()
      PyFrame_GetBuiltins()
      PyFrame_GetGenerator()
      PyFrame_GetGlobals()
      PyFrame_GetLasti()
      PyFrame_GetLocals()
      PyFrame_Type
* Tue May 31 2022 Matej Cepl <[email protected]>
  - Update to 3.11.0b2:
    - many small updates
  - Add patch support-expat-245.patch:
    * Support Expat >= 2.4.4 (jsc#SLE-21253)
* Tue May 10 2022 Matej Cepl <[email protected]>
  - Refresh bluez-devel-vendor.tar.xz
  - Fix building with system-expat (gh#python/cpython#92875). Nope,
    it didn't work, worked around it.
* Mon May 09 2022 Matej Cepl <[email protected]>
  - Update to pre-release version 3.11.0b1:
    - PEP 657 – Include Fine-Grained Error Locations in Tracebacks
    - PEP 654 – Exception Groups and except*
    - PEP 673 – Self Type
    - PEP 646 – Variadic Generics
    - PEP 680– tomllib: Support for Parsing TOML in the Standard Library
    - PEP 675– Arbitrary Literal String Type
    - PEP 655– Marking individual TypedDict items as required or potentially-missing
    - bpo-46752– Introduce task groups to asyncio
    - The Faster Cpython Project is already yielding some exciting
      results. Python 3.11 is up to 10-60% faster than Python
      3.10. On average, we measured a 1.22x speedup on the standard
      benchmark suite. See
      https://docs.python.org/3.11/whatsnew/3.11.html#faster-cpython
      for details.
* Thu May 05 2022 Matej Cepl <[email protected]>
  - Switch primary_interpreter from python38 to python310
* Sat Mar 26 2022 Matej Cepl <[email protected]>
  - Update to 3.10.4:
    - bpo-46968: Check for the existence of the “sys/auxv.h” header
      in faulthandler to avoid compilation problems in systems
      where this header doesn’t exist. Patch by Pablo Galindo
    - bpo-23691: Protect the re.finditer() iterator from
      re-entering.
    - bpo-42369: Fix thread safety of zipfile._SharedFile.tell() to
      avoid a “zipfile.BadZipFile: Bad CRC-32 for file” exception
      when reading a ZipFile from multiple threads.
    - bpo-38256: Fix binascii.crc32() when it is compiled to use
      zlib’c crc32 to work properly on inputs 4+GiB in length
      instead of returning the wrong result. The workaround prior
      to this was to always feed the function data in increments
      smaller than 4GiB or to just call the zlib module function.
    - bpo-39394: A warning about inline flags not at the start of
      the regular expression now contains the position of the flag.
    - bpo-47061: Deprecate the various modules listed by PEP 594:
    - aifc, asynchat, asyncore, audioop, cgi, cgitb, chunk, crypt,
      imghdr, msilib, nntplib, nis, ossaudiodev, pipes, smtpd,
      sndhdr, spwd, sunau, telnetlib, uu, xdrlib
    - bpo-2604: Fix bug where doctests using globals would fail
      when run multiple times.
    - bpo-45997: Fix asyncio.Semaphore re-aquiring FIFO order.
    - bpo-47022: The asynchat, asyncore and smtpd modules have been
      deprecated since at least Python 3.6. Their documentation and
      deprecation warnings and have now been updated to note they
      will removed in Python 3.12 (PEP 594).
    - bpo-46421: Fix a unittest issue where if the command was
      invoked as python -m unittest and the filename(s) began with
      a dot (.), a ValueError is returned.
    - bpo-40296: Fix supporting generic aliases in pydoc.
  - Update to 3.10.3:
    - bpo-46940: Avoid overriding AttributeError metadata
      information for nested attribute access calls. Patch by Pablo
      Galindo.
    - bpo-46852: Rename the private undocumented
      float.__set_format__() method to float.__setformat__() to fix
      a typo introduced in Python 3.7. The method is only used by
      test_float. Patch by Victor Stinner.
    - bpo-46794: Bump up the libexpat version into 2.4.6
    - bpo-46820: Fix parsing a numeric literal immediately (without
      spaces) followed by “not in” keywords, like in 1not in x. Now
      the parser only emits a warning, not a syntax error.
    - bpo-46762: Fix an assert failure in debug builds when a ‘<’,
      ‘>’, or ‘=’ is the last character in an f-string that’s
      missing a closing right brace.
    - bpo-46724: Make sure that all backwards jumps use the
      JUMP_ABSOLUTE instruction, rather than JUMP_FORWARD with an
      argument of (2**32)+offset.
    - bpo-46732: Correct the docstring for the __bool__() method.
      Patch by Jelle Zijlstra.
    - bpo-46707: Avoid potential exponential backtracking when
      producing some syntax errors involving lots of brackets.
      Patch by Pablo Galindo.
    - bpo-40479: Add a missing call to va_end() in
      Modules/_hashopenssl.c.
    - bpo-46615: When iterating over sets internally in
      setobject.c, acquire strong references to the resulting items
      from the set. This prevents crashes in corner-cases of
      various set operations where the set gets mutated.
    - bpo-45773: Remove two invalid “peephole” optimizations from
      the bytecode compiler.
    - bpo-43721: Fix docstrings of getter, setter, and deleter to
      clarify that they create a new copy of the property.
    - bpo-46503: Fix an assert when parsing some invalid N escape
      sequences in f-strings.
    - bpo-46417: Fix a race condition on setting a type __bases__
      attribute: the internal function add_subclass() now gets the
      PyTypeObject.tp_subclasses member after calling
      PyWeakref_NewRef() which can trigger a garbage collection
      which can indirectly modify PyTypeObject.tp_subclasses. Patch
      by Victor Stinner.
    - bpo-46383: Fix invalid signature of _zoneinfo’s module_free
      function to resolve a crash on wasm32-emscripten platform.
    - bpo-46070: Py_EndInterpreter() now explicitly untracks all
      objects currently tracked by the GC. Previously, if an object
      was used later by another interpreter, calling
      PyObject_GC_UnTrack() on the object crashed if the previous
      or the next object of the PyGC_Head structure became
      a dangling pointer. Patch by Victor Stinner.
    - bpo-46339: Fix a crash in the parser when retrieving the
      error text for multi-line f-strings expressions that do not
      start in the first line of the string. Patch by Pablo Galindo
    - bpo-46240: Correct the error message for unclosed parentheses
      when the tokenizer doesn’t reach the end of the source when
      the error is reported. Patch by Pablo Galindo
    - bpo-46091: Correctly calculate indentation levels for lines
      with whitespace character that are ended by line continuation
      characters. Patch by Pablo Galindo
    - bpo-43253: Fix a crash when closing transports where the
      underlying socket handle is already invalid on the Proactor
      event loop.
    - bpo-47004: Apply bugfixes from importlib_metadata 4.11.3,
      including bugfix for EntryPoint.extras, which was returning
      match objects and not the extras strings.
    - bpo-46985: Upgrade pip wheel bundled with ensurepip (pip
      22.0.4)
    - bpo-46968: faulthandler: On Linux 5.14 and newer, dynamically
      determine size of signal handler stack size CPython allocates
      using getauxval(AT_MINSIGSTKSZ). This changes allows for
      Python extension’s request to Linux kernel to use AMX_TILE
      instruction set on Sapphire Rapids Xeon processor to succeed,
      unblocking use of the ISA in frameworks.
    - bpo-46955: Expose asyncio.base_events.Server as
      asyncio.Server. Patch by Stefan Zabka.
    - bpo-23325: The signal module no longer assumes that SIG_IGN
      and SIG_DFL are small int singletons.
    - bpo-46932: Update bundled libexpat to 2.4.7
    - bpo-25707: Fixed a file leak in
      xml.etree.ElementTree.iterparse() when the iterator is not
      exhausted. Patch by Jacob Walls.
    - bpo-44886: Inherit asyncio proactor datagram transport from
      asyncio.DatagramTransport.
    - bpo-46827: Support UDP sockets in asyncio.loop.sock_connect()
      for selector-based event loops. Patch by Thomas Grainger.
    - bpo-46811: Make test suite support Expat >=2.4.5
    - bpo-46252: Raise TypeError if ssl.SSLSocket is passed to
      transport-based APIs.
    - bpo-46784: Fix libexpat symbols collisions with user
      dynamically loaded or statically linked libexpat in embedded
      Python.
    - bpo-39327: shutil.rmtree() can now work with VirtualBox
      shared folders when running from the guest operating-system.
    - bpo-46756: Fix a bug in
      urllib.request.HTTPPasswordMgr.find_user_password() and
      urllib.request.HTTPPasswordMgrWithPriorAuth.is_authenticated()
      which allowed to bypass authorization. For example, access to
      URI example.org/foobar was allowed if the user was authorized
      for URI example.org/foo.
    - bpo-46643: In typing.get_type_hints(), support evaluating
      stringified ParamSpecArgs and ParamSpecKwargs annotations.
      Patch by Gregory Beauregard.
    - bpo-45863: When the tarfile module creates a pax format
      archive, it will put an integer representation of timestamps
      in the ustar header (if possible) for the benefit of older
      unarchivers, in addition to the existing full-precision
      timestamps in the pax extended header.
    - bpo-46676: Make typing.ParamSpec args and kwargs equal to
      themselves. Patch by Gregory Beauregard.
    - bpo-46672: Fix NameError in asyncio.gather() when initial
      type check fails.
    - bpo-46655: In typing.get_type_hints(), support evaluating
      bare stringified TypeAlias annotations. Patch by Gregory
      Beauregard.
    - bpo-45948: Fixed a discrepancy in the C implementation of the
      xml.etree.ElementTree module. Now, instantiating an
      xml.etree.ElementTree.XMLParser with a target=None keyword
      provides a default xml.etree.ElementTree.TreeBuilder target
      as the Python implementation does.
    - bpo-46521: Fix a bug in the codeop module that was
      incorrectly identifying invalid code involving string quotes
      as valid code.
    - bpo-46581: Brings ParamSpec propagation for GenericAlias in
      line with Concatenate (and others).
    - bpo-46591: Make the IDLE doc URL on the About IDLE dialog
      clickable.
    - bpo-46400: expat: Update libexpat from 2.4.1 to 2.4.4
    - bpo-46487: Add the get_write_buffer_limits method to
      asyncio.transports.WriteTransport and to the SSL transport.
    - bpo-45173: Note the configparser deprecations will be removed
      in Python 3.12.
    - bpo-46539: In typing.get_type_hints(), support evaluating
      stringified ClassVar and Final annotations inside Annotated.
      Patch by Gregory Beauregard.
    - bpo-46491: Allow typing.Annotated to wrap typing.Final and
      typing.ClassVar. Patch by Gregory Beauregard.
    - bpo-46436: Fix command-line option -d/--directory in module
      http.server which is ignored when combined with command-line
      option --cgi. Patch by Géry Ogam.
    - bpo-41403: Make mock.patch() raise a TypeError with
      a relevant error message on invalid arg. Previously it
      allowed a cryptic AttributeError to escape.
    - bpo-46474: In importlib.metadata.EntryPoint.pattern, avoid
      potential REDoS by limiting ambiguity in consecutive
      whitespace.
    - bpo-46469: asyncio generic classes now return
      types.GenericAlias in __class_getitem__ instead of the same
      class.
    - bpo-46434: pdb now gracefully handles help when __doc__ is
      missing, for example when run with pregenerated optimized
      .pyc files.
    - bpo-46333: The __eq__() and __hash__() methods of
      typing.ForwardRef now honor the module parameter of
      typing.ForwardRef. Forward references from different modules
      are now differentiated.
    - bpo-46246: Add missing __slots__ to
      importlib.metadata.DeprecatedList. Patch by Arie Bovenberg.
    - bpo-46266: Improve day constants in calendar.
    - Now all constants (MONDAY … SUNDAY) are documented, tested,
      and added to __all__.
    - bpo-46232: The ssl module now handles certificates with bit
      strings in DN correctly.
    - bpo-43118: Fix a bug in inspect.signature() that was causing
      it to fail on some subclasses of classes with
      a __text_signature__ referencing module globals. Patch by
      Weipeng Hong.
    - bpo-26552: Fixed case where failing asyncio.ensure_future()
      did not close the coroutine. Patch by Kumar Aditya.
    - bpo-21987: Fix an issue with tarfile.TarFile.getmember()
      getting a directory name with a trailing slash.
    - bpo-20392: Fix inconsistency with uppercase file extensions
      in MimeTypes.guess_type(). Patch by Kumar Aditya.
    - bpo-46080: Fix exception in argparse help text generation if
      a argparse.BooleanOptionalAction argument’s default is
      argparse.SUPPRESS and it has help specified. Patch by Felix
      Fontein.
    - bpo-44439: Fix .write() method of a member file in ZipFile,
      when the input data is an object that supports the buffer
      protocol, the file length may be wrong.
    - bpo-45703: When a namespace package is imported before
      another module from the same namespace is created/installed
      in a different sys.path location while the program is
      running, calling the importlib.invalidate_caches() function
      will now also guarantee the new module is noticed.
    - bpo-24959: Fix bug where unittest sometimes drops frames from
      tracebacks of exceptions raised in tests.
    - bpo-44791: Fix substitution of ParamSpec in Concatenate with
      different parameter expressions. Substitution with a list of
      types returns now a tuple of types. Substitution with
      Concatenate returns now a Concatenate with concatenated lists
      of arguments.
    - bpo-14156: argparse.FileType now supports an argument of ‘-’
      in binary mode, returning the .buffer attribute of
      sys.stdin/sys.stdout as appropriate. Modes including ‘x’ and
      ‘a’ are treated equivalently to ‘w’ when argument is ‘-’.
      Patch contributed by Josh Rosenberg
    - bpo-46463: Fixes escape4chm.py script used when building the
      CHM documentation file
    - bpo-46913: Fix test_faulthandler.test_sigfpe() if Python is
      built with undefined behavior sanitizer (UBSAN): disable
      UBSAN on the faulthandler_sigfpe() function. Patch by Victor
      Stinner.
    - bpo-46708: Prevent default asyncio event loop policy
      modification warning after test_asyncio execution.
    - bpo-46678: The function make_legacy_pyc in
      Lib/test/support/import_helper.py no longer fails when
      PYTHONPYCACHEPREFIX is set to a directory on a different
      device from where tempfiles are stored.
    - bpo-46616: Ensures test_importlib.test_windows cleans up
      registry keys after completion.
    - bpo-44359: test_ftplib now silently ignores socket errors to
      prevent logging unhandled threading exceptions. Patch by
      Victor Stinner.
    - bpo-46542: Fix a Python crash in test_lib2to3 when using
      Python built in debug mode: limit the recursion limit. Patch
      by Victor Stinner.
    - bpo-46576: test_peg_generator now disables compiler
      optimization when testing compilation of its own C extensions
      to significantly speed up the testing on non-debug builds of
      CPython.
    - bpo-46542: Fix test_json tests checking for RecursionError:
      modify these tests to use support.infinite_recursion(). Patch
      by Victor Stinner.
    - bpo-13886: Skip test_builtin PTY tests on non-ASCII
      characters if the readline module is loaded. The readline
      module changes input() behavior, but test_builtin is not
      intented to test the readline module. Patch by Victor
      Stinner.
    - bpo-38472: Fix GCC detection in setup.py when
      cross-compiling. The C compiler is now run with LC_ALL=C.
      Previously, the detection failed with a German locale.
    - bpo-46513: configure no longer uses AC_C_CHAR_UNSIGNED macro
      and pyconfig.h no longer defines reserved symbol
      __CHAR_UNSIGNED__.
    - bpo-45296: Clarify close, quit, and exit in IDLE. In the File
      menu, ‘Close’ and ‘Exit’ are now ‘Close Window’ (the current
      one) and ‘Exit’ is now ‘Exit IDLE’ (by closing all windows).
      In Shell, ‘quit()’ and ‘exit()’ mean ‘close Shell’. If there
      are no other windows, this also exits IDLE.
    - bpo-45447: Apply IDLE syntax highlighting to pyi files. Patch
      by Alex Waygood and Terry Jan Reedy.
    - bpo-46433: The internal function _PyType_GetModuleByDef now
      correctly handles inheritance patterns involving static
      types.
    - bpo-14916: Fixed bug in the tokenizer that prevented
      PyRun_InteractiveOne from parsing from the provided FD.
  - Remove upstreamed patches:
    - support-expat-245.patch
* Tue Feb 22 2022 Steve Kowalik <[email protected]>
  - Add patch support-expat-245.patch:
    * Support Expat >= 2.4.5
* Tue Feb 15 2022 Matej Cepl <[email protected]>
  - bsc#1195831 Obsolete older "most modern" versions of python
    packages (python39 for python310 and so forth). For next
    versions it is necessary just to edit the macro.
* Tue Jan 25 2022 Matej Cepl <[email protected]>
  - Remove second superfluous BR rpm-build-python
* Tue Jan 25 2022 Matej Cepl <[email protected]>
  - Remove second superfluous BR rpm-build-python
  - Add fix_configure_rst.patch, which removes duplicate link
    targets and make documentation with old Sphinx in SLE
  - Skip test_capi (bsc#1195140 and bpo#37169)
* Wed Jan 19 2022 Matej Cepl <[email protected]>
  - Update to 3.10.2:
    Bugfix only
    - bpo#46347 memory leak in PyEval_EvalCodeEx (especially
      visible with Cython code)
    - and many others
* Wed Dec 08 2021 Matej Cepl <[email protected]>
  - Upgrade to 3.10.1 (jsc#SLE-18038):
    - PEP 623 – Deprecate and prepare for the removal of the wstr
      member in PyUnicodeObject.
    - PEP 604 – Allow writing union types as X | Y
    - PEP 612 – Parameter Specification Variables
    - PEP 626 – Precise line numbers for debugging and other tools.
    - PEP 618 – Add Optional Length-Checking To zip.
    - bpo-12782: Parenthesized context managers are now officially
      allowed.
    - PEP 632 – Deprecate distutils module.
    - PEP 613 – Explicit Type Aliases
    - PEP 634 – Structural Pattern Matching: Specification
    - PEP 635 – Structural Pattern Matching: Motivation and
      Rationale
    - PEP 636 – Structural Pattern Matching: Tutorial
    - PEP 644 – Require OpenSSL 1.1.1 or newer
    - PEP 624 – Remove Py_UNICODE encoder APIs
    - PEP 597 – Add optional EncodingWarning
  - Patches readjusted:
    - bpo-31046_ensurepip_honours_prefix.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
* Sat Dec 04 2021 Matej Cepl <[email protected]>
  - Remove pdb_adjust_breakpoints.patch and instead just adjust location
    of the test breakpoint in Lib/test/test_pdb.py via sed, because we
    have shortened Lib/pdb.py by removing the shebang (bpo#45964).
* Thu Dec 02 2021 Matej Cepl <[email protected]>
  - Add pdb_adjust_breakpoints.patch fixing expectd results in
    test_pdb_breakpoints_preserved_across_interactive_sessions
    (bpo#45964).
* Mon Nov 29 2021 Matej Cepl <[email protected]>
  - Remove shebangs from from python-base libraries in _libdir
    (bsc#1193179).
  - Readjust patches:
    - bpo-31046_ensurepip_honours_prefix.patch
    - decimal.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
* Tue Nov 16 2021 Matej Cepl <[email protected]>
  - Move rpm-build-python construct to correct place.
* Wed Oct 13 2021 Dominique Leuenberger <[email protected]>
  - BuildRequire rpm-build-python: The provider to inject python(abi)
    has been moved there. rpm-build pulls rpm-build-python
    automatically in when building anything against python3-base, but
    this implies that the initial build of python3-base does not
    trigger the automatic installation.
* Tue Oct 05 2021 Matej Cepl <[email protected]>
  - Final release of 3.10.0:
    Complete list on https://www.python.org/downloads/release/python-3100/,
    but highlights are:
    - PEP 623 – Deprecate and prepare for the removal of the wstr
      member in PyUnicodeObject.
    - PEP 604 – Allow writing union types as X | Y
    - PEP 612 – Parameter Specification Variables
    - PEP 626 – Precise line numbers for debugging and other
      tools.
    - PEP 618 – Add Optional Length-Checking To zip.
    - PEP 632 – Deprecate distutils module.
    - PEP 613 – Explicit Type Aliases
    - PEP 634 – Structural Pattern Matching: Specification
    - PEP 635 – Structural Pattern Matching: Motivation and
      Rationale
    - PEP 636 – Structural Pattern Matching: Tutorial
    - PEP 644 – Require OpenSSL 1.1.1 or newer
    - PEP 624 – Remove Py_UNICODE encoder APIs
    - PEP 597 – Add optional EncodingWarning
    - bpo-12782: Parenthesized context managers are now officially
      allowed.
* Mon Aug 30 2021 Matej Cepl <[email protected]>
  - Switch on option --with-system-libmpdec (bsc#1189356).
* Fri Aug 27 2021 Andreas Schwab <[email protected]>
  - Reenable profileopt with qemu emulation, test_faulthandler is no longer
    run during profiling
* Thu Aug 12 2021 Andreas Schwab <[email protected]>
  - test_faulthandler is still problematic under qemu linux-user emulation,
    disable it there
* Wed Aug 11 2021 Matej Cepl <[email protected]>
  - Update to 3.10.0rc1 (the penultimate prerelease), which contains
    plenty of small bugfixes among others:
    - bpo#38605: from __future__ import annotations (PEP 563) used to be
      on this list in previous pre-releases but it has been postponed to
      Python 3.11 due to some compatibility concerns.
    - bpo-44600: Fix incorrect line numbers while tracing some failed
      patterns in match statements. Patch by Charles Burkland.
    - plenty of modifications in types.Union
* Wed Jul 21 2021 Matej Cepl <[email protected]>
  - Update to 3.10.0b4:
    https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-0-beta-4
  - Remove python3-imp-returntype.patch which has been upstreamed.
* Mon Jun 07 2021 Matej Cepl <[email protected]>
  - Update to 3.10.0b2:
    - PEP 623 -- Deprecate and prepare for the removal of the wstr
      member in PyUnicodeObject.
    - PEP 604 -- Allow writing union types as X | Y
    - PEP 612 -- Parameter Specification Variables
    - PEP 626 -- Precise line numbers for debugging and other
      tools.
    - PEP 618 -- Add Optional Length-Checking To zip.
    - bpo-12782: Parenthesized context managers are now officially
      allowed.
    - PEP 632 -- Deprecate distutils module.
    - PEP 613 -- Explicit Type Aliases
    - PEP 634 -- Structural Pattern Matching: Specification
    - PEP 635 -- Structural Pattern Matching: Motivation and
      Rationale
    - PEP 636 -- Structural Pattern Matching: Tutorial
    - PEP 644 -- Require OpenSSL 1.1.1 or newer
    - PEP 624 -- Remove Py_UNICODE encoder APIs
    - PEP 597 -- Add optional EncodingWarning
  - Removed patches (assumed upstream):
    - sphinx-update-removed-function.patch
* Sat Jun 05 2021 Matej Cepl <[email protected]>
  - Revert previous skip over test_capi
  - Add skip-test_pyobject_freed_is_freed.patch to skip failing
    test on SLE-15.
* Fri Jun 04 2021 Dirk Müller <[email protected]>
  - allow build with Sphinx >= 3.x
* Wed Jun 02 2021 Dan Čermák <[email protected]>
  - Exclude test_capi on Leap (test fails there)
* Fri May 21 2021 Matej Cepl <[email protected]>
  - Stop providing "python" symbol (bsc#1185588), which means
    python2 currently.
* Wed May 05 2021 Matej Cepl <[email protected]>
  - Update to 3.9.5:
    * Security
    - bpo-43434: Creating a sqlite3.Connection object now also
      produces a sqlite3.connect auditing event. Previously this
      event was only produced by sqlite3.connect() calls. Patch
      by Erlend E. Aasland.
    - bpo-43882: The presence of newline or tab characters in
      parts of a URL could allow some forms of attacks.
    - Following the controlling specification for URLs defined by
      WHATWG urllib.parse() now removes ASCII newlines and tabs
      from URLs, preventing such attacks.
    - bpo-43472: Ensures interpreter-level audit hooks receive
      the cpython.PyInterpreterState_New event when called
      through the _xxsubinterpreters module.
    - bpo-36384: ipaddress module no longer accepts any leading
      zeros in IPv4 address strings. Leading zeros are ambiguous
      and interpreted as octal notation by some libraries. For
      example the legacy function socket.inet_aton() treats
      leading zeros as octal notatation. glibc implementation of
      modern inet_pton() does not accept any leading zeros. For
      a while the ipaddress module used to accept ambiguous
      leading zeros.
    - bpo-43075: Fix Regular Expression Denial of Service (ReDoS)
      vulnerability in urllib.request.AbstractBasicAuthHandler.
      The ReDoS-vulnerable regex has quadratic worst-case
      complexity and it allows cause a denial of service when
      identifying crafted invalid RFCs. This ReDoS issue is on
      the client side and needs remote attackers to control the
      HTTP server.
    - bpo-42800: Audit hooks are now fired for frame.f_code,
      traceback.tb_frame, and generator code/frame attribute
      access.
    * Core and Builtins
    - bpo-43105: Importlib now resolves relative paths when
      creating module spec objects from file locations.
    - bpo-42924: Fix bytearray repetition incorrectly copying
      data from the start of the buffer, even if the data is
      offset within the buffer (e.g. after reassigning a slice at
      the start of the bytearray to a shorter byte string).
    * Library
    - bpo-43993: Update bundled pip to 21.1.1.
    - bpo-43937: Fixed the turtle module working with non-default
      root window.
    - bpo-43930: Update bundled pip to 21.1 and setuptools to
      56.0.0
    - bpo-43920: OpenSSL 3.0.0: load_verify_locations() now
      returns a consistent error message when cadata contains no
      valid certificate.
    - bpo-43607: urllib can now convert Windows paths with \\?\
      prefixes into URL paths.
    - bpo-43284: platform.win32_ver derives the windows version
      from sys.getwindowsversion().platform_version which in turn
      derives the version from kernel32.dll (which can be of
      a different version than Windows itself). Therefore change
      the platform.win32_ver to determine the version using the
      platform module’s _syscmd_ver private function to return an
      accurate version.
    - bpo-42248: [Enum] ensure exceptions raised in _missing__
      are released
    - bpo-43799: OpenSSL 3.0.0: define OPENSSL_API_COMPAT 1.1.1
      to suppress deprecation warnings. Python requires OpenSSL
      1.1.1 APIs.
    - bpo-43794: Add ssl.OP_IGNORE_UNEXPECTED_EOF constants
      (OpenSSL 3.0.0)
    - bpo-43789: OpenSSL 3.0.0: Don’t call the password callback
      function a second time when first call has signaled an
      error condition.
    - bpo-43788: The header files for ssl error codes are now
      OpenSSL version-specific. Exceptions will now show correct
      reason and library codes. The make_ssl_data.py script has
      been rewritten to use OpenSSL’s text file with error codes.
    - bpo-43655: tkinter dialog windows are now recognized as
      dialogs by window managers on macOS and X Window.
    - bpo-43534: turtle.textinput() and turtle.numinput() create
      now a transient window working on behalf of the canvas
      window.
    - bpo-43522: Fix problem with hostname_checks_common_name.
      OpenSSL does not copy hostflags from struct SSL_CTX to
      struct SSL.
    - bpo-42967: Allow bytes separator argument in
      urllib.parse.parse_qs and urllib.parse.parse_qsl when
      parsing str query strings. Previously, this raised
      a TypeError.
    - bpo-43176: Fixed processing of a dataclass that inherits
      from a frozen dataclass with no fields. It is now correctly
      detected as an error.
    - bpo-41735: Fix thread locks in zlib module may go wrong in
      rare case. Patch by Ma Lin.
    - bpo-36470: Fix dataclasses with InitVars and replace().
      Patch by Claudiu Popa.
    - bpo-32745: Fix a regression in the handling of ctypes’
      ctypes.c_wchar_p type: embedded null characters would cause
      a ValueError to be raised. Patch by Zackery Spytz.
    * Documentation
    - bpo-43959: The documentation on the PyContextVar C-API was
      clarified.
    - bpo-43938: Update dataclasses documentation to express that
      FrozenInstanceError is derived from AttributeError.
    - bpo-43755: Update documentation to reflect that
      unparenthesized lambda expressions can no longer be the
      expression part in an if clause in comprehensions and
      generator expressions since Python 3.9.
    - bpo-43739: Fixing the example code in
      Doc/extending/extending.rst to declare and initialize the
      pmodule variable to be of the right type.
    * Tests
    - bpo-43961: Fix
      test_logging.test_namer_rotator_inheritance() on Windows:
      use os.replace() rather than os.rename(). Patch by Victor
      Stinner.
    - bpo-43842: Fix a race condition in the SMTP test of
      test_logging. Don’t close a file descriptor (socket) from
      a different thread while asyncore.loop() is polling the
      file descriptor. Patch by Victor Stinner.
    - bpo-43811: Tests multiple OpenSSL versions on GitHub
      Actions. Use ccache to speed up testing.
    - bpo-43791: OpenSSL 3.0.0: Disable testing of legacy
      protocols TLS 1.0 and 1.1. Tests are failing with
      TLSV1_ALERT_INTERNAL_ERROR.
  - Refreshed patches:
    - bpo-31046_ensurepip_honours_prefix.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
  - Add vendorized files from bluez-devel to enable building support for
    Bluetooth.
* Sun May 02 2021 Ben Greiner <[email protected]>
  - Make sure to close the import_failed.map file after the exception
    has been raised in order to avoid ResourceWarnings when the
    failing import is part of a try...except block.
* Wed Apr 28 2021 Matej Cepl <[email protected]>
  - Update to 3.9.4:
    - bpo#43710: Reverted the fix for https://bugs.python.org/issue42500
      as it changed the PyThreadState struct size and broke the 3.9.x ABI
      in the 3.9.3 release (visible on 32-bit platforms using binaries
      compiled using an earlier version of Python 3.9.x headers).
    - bpo#26053: Fixed bug where the pdb interactive run command echoed
      the args from the shell command line, even if those have been
      overridden at the pdb prompt.
    - bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
      feature of the pydoc module which could be abused to read
      arbitrary files on the disk (directory traversal
      vulnerability). Moreover, even source code of Python modules
      can contain sensitive data like passwords. Vulnerability
      reported by David Schwörer.
    - bpo#43285: ftplib no longer trusts the IP address value
      returned from the server in response to the PASV command by
      default. This prevents a malicious FTP server from using the
      response to probe IPv4 address and port combinations on the
      client network. Code that requires the former vulnerable
      behavior may set a trust_server_pasv_ipv4_address attribute
      on their ftplib.FTP instances to True to re-enable it.
    - bpo#43439: Add audit hooks for gc.get_objects(),
      gc.get_referrers() and gc.get_referents(). Patch by Pablo
      Galindo.
    - bpo#43660: Fix crash that happens when replacing sys.stderr
      with a callable that can remove the object while an exception
      is being printed. Patch by Pablo Galindo.
    - bpo#43555: Report the column offset for SyntaxError for
      invalid line continuation characters. Patch by Pablo Galindo.
    - bpo#43517: Fix misdetection of circular imports when using
      from pkg.mod import attr, which caused false positives in
      non-trivial multi-threaded code.
    - bpo#35883: Python no longer fails at startup with a fatal
      error if a command line argument contains an invalid Unicode
      character. The Py_DecodeLocale() function now escapes byte
      sequences which would be decoded as Unicode characters
      outside the [U+0000; U+10ffff] range.
    - bpo#43406: Fix a possible race condition where
      PyErr_CheckSignals tries to execute a non-Python signal
      handler.
    - bpo#42500: Improve handling of exceptions near recursion
      limit. Converts a number of Fatal Errors in RecursionErrors.
    - bpo#43433: xmlrpc.client.ServerProxy no longer ignores query
      and fragment in the URL of the server.
    - bpo#35930: Raising an exception raised in a “future” instance
      will create reference cycles.
    - bpo#43577: Fix deadlock when using ssl.SSLContext debug
      callback with ssl.SSLContext.sni_callback().
    - bpo#43521: ast.unparse can now render NaNs and empty sets.
    - bpo#43423: subprocess.communicate() no longer raises an
      IndexError when there is an empty stdout or stderr IO buffer
      during a timeout on Windows.
    - bpo#27820: Fixed long-standing bug of smtplib.SMTP where
      doing AUTH LOGIN with initial_response_ok=False will fail.
      The cause is that SMTP.auth_login _always_ returns a password
      if provided with a challenge string, thus non-compliant with
      the standard for AUTH LOGIN. Also fixes bug with the test for
      smtpd.
    - bpo#43332: Improves the networking efficiency of http.client
      when using a proxy via set_tunnel(). Fewer small send calls
      are made during connection setup.
    - bpo#43399: Fix ElementTree.extend not working on iterators
      when using the Python implementation
    - bpo#43316: The python -m gzip command line application now
      properly fails when detecting an unsupported extension. It
      exits with a non-zero exit code and prints an error message
      to stderr.
    - bpo#43260: Fix TextIOWrapper can not flush internal buffer
      forever after very large text is written.
    - bpo#42782: Fail fast in shutil.move() to avoid creating
      destination directories on failure.
    - bpo#37193: Fixed memory leak in socketserver.ThreadingMixIn
      introduced in Python 3.7.
    - bpo#43199: Answer “Why is there no goto?” in the Design and
      History FAQ.
    - bpo#43407: Clarified that a result from time.monotonic(),
      time.perf_counter(), time.process_time(), or
      time.thread_time() can be compared with the result from any
      following call to the same function - not just the next
      immediate call.
    - bpo#27646: Clarify that ‘yield from <expr>’ works with any
      iterable, not just iterators.
    - bpo#36346: Update some deprecated unicode APIs which are
      documented as “will be removed in 4.0” to “3.12”. See PEP 623
      for detail.
    - bpo#37945: Fix test_getsetlocale_issue1813() of test_locale:
      skip the test if setlocale() fails. Patch by Victor Stinner.
    - bpo#41561: Add workaround for Ubuntu’s custom OpenSSL
      security level policy.
    - bpo#43288: Fix test_importlib to correctly skip Unicode file
      tests if the fileystem does not support them.
    - bpo#43617: Improve configure.ac: Check for presence of
      autoconf-archive package and remove our copies of M4 macros.
    - bpo#42225: Document that IDLE can fail on Unix either from
      misconfigured IP masquerage rules or failure displaying
      complex colored (non-ascii) characters.
    - bpo#43283: Document why printing to IDLE’s Shell is often
      slower than printing to a system terminal and that it can be
      made faster by pre-formatting a single string before
      printing.
* Fri Feb 19 2021 Matej Cepl <[email protected]>
  - Update to 3.9.2:
    - bpo#42938 (bsc#1181126): Avoid static buffers when computing
      the repr of ctypes.c_double and ctypes.c_longdouble
      values. This issue was assigned CVE-2021-3177.
    - bpo#42967 (bsc#1182379): Fix web cache poisoning
      vulnerability by defaulting the query args separator to &,
      and allowing the user to choose a custom separator. This
      issue was assigned CVE-2021-23336.
  - Upstreamed patches were removed:
    - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
    - bsc1167501-invalid-alignment.patch
    - skip_random_failing_tests.patch
    - CVE-2019-5010-null-defer-x509-cert-DOS.patch
* Tue Feb 09 2021 Steve Kowalik <[email protected]>
  - Add Obsoletes for python3-base when primary interpreter is set to
    properly replace it during upgrades.  (bsc#1181324)
* Mon Feb 08 2021 Matej Cepl <[email protected]>
  - Update to 3.9.1:
    Security bugs:
    - Prevented potential DoS attack via CPU and RAM exhaustion
      when processing malformed Apple Property List files in binary
      format.
    - The plistlib module no longer accepts entity declarations in
      XML plist files to avoid XML vulnerabilities. This should not
      affect users as entity declarations are not used in regular
      plist files.
    - Add volatile to the accumulator variable in
      hmac.compare_digest, making constant-time-defeating
      optimizations less likely.
    Core and Builtins
    - Allow assignment expressions in set literals and set
      comprehensions as per PEP 572. Patch by Pablo Galindo.
    - Fix a regression introduced by the new parser, where an
      unparenthesized walrus operator was not allowed within
      generator expressions.
    - types.GenericAlias objects can now be the targets of
      weakrefs.
    - Fixed a bug in the PEG parser that was causing crashes in
      debug mode. Now errors are checked in left-recursive rules to
      avoid cases where such errors do not get handled in time and
      appear as long-distance crashes in other places.
    - Fixed a possible crash in the PEG parser when checking for
      the ‘!=’ token in the barry_as_flufl rule. Patch by Pablo
      Galindo.
    - Fix handling of errors during creation of PyFunctionObject,
      which resulted in operations on uninitialized memory. Patch
      by Yonatan Goldschmidt.
    - Fix a bug in the parser, where a curly brace following
      a primary didn’t fail immediately. This led to invalid
      expressions like a {b} to throw a SyntaxError with a wrong
      offset, or invalid expressions ending with a curly brace like
      a { to not fail immediately in the REPL.
    - Fix possible buffer overflow in the new parser when checking
      for continuation lines. Patch by Pablo Galindo.
    - Run the parser two times. On the first run, disable all the
      rules that only generate better error messages to gain
      performance. If there’s a parse failure, run the parser
      a second time with those enabled.
    - Document the default implementation of object.__eq__.
    - Fix peephole optimizer misoptimize conditional jump
      + JUMP_IF_NOT_EXC_MATCH pair.
    - The garbage collector now tracks all user-defined classes.
      Patch by Brandt Bucher.
    - Fixed potential issues with removing not completely
      initialized module from sys.modules when import fails.
    - Star-unpacking is now allowed for with item’s targets in the
      PEG parser.
    - Fixed stack overflow in issubclass() and isinstance() when
      getting the __bases__ attribute leads to infinite recursion.
    - When loading a native module and a load failure occurs,
      prevent a possible UnicodeDecodeError when not running in
      a UTF-8 locale by decoding the load error message using the
      current locale’s encoding.
    - Correctly count control blocks in ‘except’ in compiler.
      Ensures that a syntax error, rather a fatal error, occurs for
      deeply nested, named exception handlers.
    Library
    - types.GenericAlias will now raise a TypeError when attempting
      to initialize with a keyword argument. Previously, this would
      cause the interpreter to crash if the interpreter was
      compiled with debug symbols. This does not affect
      interpreters compiled for release. Patch by Ken Jin.
    - CGIHTTPRequestHandler.run_cgi() HTTP_ACCEPT improperly
      parsed. Replace the special purpose getallmatchingheaders
      with generic get_all method and add relevant tests.
    - inspect.findsource() now raises OSError instead of IndexError
      when co_lineno of a code object is greater than the file
      length. This can happen, for example, when a file is edited
      after it was imported. PR by Irit Katriel.
    - Fix handling of trailing comments by inspect.getsource().
    - ChainMap.__iter__ no longer calls __getitem__ on underlying
      maps
    - TracebackException no longer holds a reference to the
      exception’s traceback object. Consequently, instances of
      TracebackException for equivalent but non-equal exceptions
      now compare as equal.
    - We fixed an issue in pickle.whichmodule in which importing
      multiprocessing could change the how pickle identifies which
      module an object belongs to, potentially breaking the
      unpickling of those objects.
    - Clarify the error message for asyncio.IncompleteReadError
      when expected is None.
    - Extracting a symlink from a tarball should succeed and
      overwrite the symlink if it already exists. The fix is to
      remove the existing file or symlink before extraction. Based
      on patch by Chris AtLee, Jeffrey Kintscher, and Senthil
      Kumaran.
    - Fixed tkinter.ttk.Style.map(). The function accepts now the
      representation of the default state as empty sequence (as
      returned by Style.map()). The structure of the result is now
      the same on all platform and does not depend on the value of
      wantobjects.
    - Fix various issues with typing.Literal parameter handling
      (flatten, deduplicate, use type to cache key). Patch provided
      by Yurii Karabas.
    - Fix the threading.Thread class at fork: do nothing if the
      thread is already stopped (ex: fork called at Python exit).
      Previously, an error was logged in the child process.
    - The onerror callback from shutil.rmtree now receives correct
      function when os.open fails.
    - Fix os.sendfile() on illumos.
    - Fixed writing binary Plist files larger than 4 GiB.
    - The repr() of typing types containing Generic Alias Types
      previously did not show the parameterized types in the
      GenericAlias. They have now been changed to do so.
    - webbrowser: Ignore NotADirectoryError when calling
      xdg-settings.
    - binhex.binhex() consisently writes macOS 9 line endings.
    - Fix a stack overflow error for asyncio Task or Future repr().
    - The overflow occurs under some circumstances when a Task or
      Future recursively returns itself.
    - Fix memory leak in subprocess.Popen() in case an uid (gid)
      specified in user (group, extra_groups) overflows uid_t
      (gid_t).
    - Improve asyncio.wait function to create the futures set just
      one time.
    - InvalidFileException and RecursionError are now the only
      errors caused by loading malformed binary Plist file
      (previously ValueError and TypeError could be raised in some
      specific cases).
    - Pickling heap types implemented in C with protocols 0 and
      1 raises now an error instead of producing incorrect data.
    - plistlib: fix parsing XML plists with hexadecimal integer
      values
    - Fix an incorrectly formatted error from
      _codecs.charmap_decode() when called with a mapped value
      outside the range of valid Unicode code points. PR by Max
      Bernstein.
    - Fix pickling pure Python datetime.time subclasses. Patch by
      Dean Inwood.
    - Fixed a bug that was causing ctypes.util.find_library() to
      return None when triying to locate a library in an
      environment when gcc>=9 is available and ldconfig is not.
      Patch by Pablo Galindo
    - C14N 2.0 serialisation in xml.etree.ElementTree failed for
      unprefixed attributes when a default namespace was defined.
    - Fix a bug in the symtable module that was causing
      module-scope global variables to not be reported as both
      local and global. Patch by Pablo Galindo.
    - str() for the type attribute of the tkinter.Event object
      always returns now the numeric code returned by Tk instead of
      the name of the event type.
    - fix tkinter.EventType Enum so all members are strings, and
      none are tuples
    - Fix SQLite3 segfault when backing up closed database. Patch
      contributed by Peter David McCormick.
    - Fix the tarfile module to write only basename of TAR file to
      GZIP compression header.
    - Allow ctypes.wintypes to be imported on non-Windows systems.
    - shutil.which() now ignores empty entries in PATHEXT instead
      of treating them as a match.
    - Fix time-of-check/time-of-action issue in
      subprocess.Popen.send_signal.
    - Fix --outfile for cProfile / profile not writing the output
      file in the original directory when the program being
      profiled changes the working directory. PR by Anthony
      Sottile.
    - ZipFile truncates files to avoid corruption when a shorter
      comment is provided in append (“a”) mode. Patch by Jan Mazur.
    - Fixed KeyError exception when flattening an email to a string
      attempts to replace a non-existent Content-Transfer-Encoding
      header.
    Documentation
    - Fix the URL for the IMAP protocol documents.
    - Document __format__ functionality for IP addresses.
    - Clarify that subscription expressions are also valid for
      certain classes and types in the standard library, and for
      user-defined classes and types if the classmethod
      __class_getitem__() is provided.
    - Documented generic alias type and types.GenericAlias. Also
      added an entry in glossary for generic types.
    - In Programming FAQ “Sequences (Tuples/Lists)” section, add
      “How do you remove multiple items from a list”.
    - Fix RemovedInSphinx40Warning when building the documentation.
      Patch by Dong-hee Na.
    - Update the refcounts info of PyType_FromModuleAndSpec.
    - Fix tarfile’s extractfile documentation
    - Document some restrictions on the default string
      representations of numeric classes.
    Tests
    - Reenable test_gdb on gdb 9.2 and newer:
      https://bugzilla.redhat.com/show_bug.cgi?id=1866884 bug is
      fixed in gdb 10.1.
    - Fix test_asyncio.test_call_later() race condition: don’t
      measure asyncio performance in the call_later() unit test.
      The test failed randomly on the CI.
    - Include _testinternalcapi module in Windows installer for
      test suite
    - Fix test_logging.test_race_between_set_target_and_flush():
      the test now waits until all threads complete to avoid
      leaking running threads.
    - Avoid a test failure in test_lib2to3 if the module has
      already imported at the time the test executes. Patch by
      Pablo Galindo.
    - Tests for CJK codecs no longer call eval() on content
      received via HTTP.
    - Fix test_site.test_license_exists_at_url(): call
      urllib.request.urlcleanup() to reset the global
      urllib.request._opener. Patch by Victor Stinner.
    - test_ssl: skip test_min_max_version_mismatch when TLS 1.0 is
      not available
    - Add tests for SIGINT handling in the runpy module.
    - Fixed a failure in test_tk.test_widgets.ScaleTest happening
      when executing the test with Tk 8.6.10.
    Build
    - Fix a race condition in “make regen-all” when make -jN option
      is used to run jobs in parallel. The clinic.py script now
      only use atomic write to write files. Moveover, generated
      files are now left unchanged if the content does not change,
      to not change the file modification time.
    - Update Py_UNREACHABLE to use __builtin_unreachable() if only
      the compiler is able to use it. Patch by Dong-hee Na.
    - Addressed three compiler warnings found by undefined behavior
      sanitizer (ubsan).
    IDLE
    - Fix reporting offset of the RE error in searchengine.
    - Get docstrings for IDLE calltips more often by using
      inspect.getdoc.
    - Mostly finish using ttk widgets, mainly for editor, settings,
      and searches. Some patches by Mark Roseman.
    - Use ‘IDLE Shell’ as shell title
    - Rewrite the Calltips doc section.
    - In calltips, stop reminding that ‘/’ marks the end of
      positional-only arguments.
    - Typing opening and closing parentheses inside the parentheses
      of a function call will no longer cause unnecessary
      “flashing” off and on of an existing open call-tip, e.g. when
      typed in a string literal.
    C API
    - Fix potential crash in deallocating method objects when
      dynamically allocated PyMethodDef’s lifetime is managed
      through the self argument of a PyCFunction.
    - Py_FileSystemDefaultEncodeErrors and Py_UTF8Mode are
      available again in limited API.
  - Readjustet and reapplied patches:
    - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
    - bpo-31046_ensurepip_honours_prefix.patch
    - python-3.3.0b1-fix_date_time_compiler.patch
    - skip_random_failing_tests.patch
    - sphinx-update-removed-function.patch
* Fri Jan 29 2021 Matej Cepl <[email protected]>
  - Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing
    bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in
    _ctypes/callproc.c, which may lead to remote code execution.
* Tue Jan 05 2021 Matej Cepl <[email protected]>
  - (bsc#1180125) We really don't Require python-rpm-macros package.
    Unnecessary dependency.

Files

/usr/bin/python3.12-config
/usr/include/python3.12
/usr/include/python3.12/Python.h
/usr/include/python3.12/abstract.h
/usr/include/python3.12/bltinmodule.h
/usr/include/python3.12/boolobject.h
/usr/include/python3.12/bytearrayobject.h
/usr/include/python3.12/bytesobject.h
/usr/include/python3.12/ceval.h
/usr/include/python3.12/codecs.h
/usr/include/python3.12/compile.h
/usr/include/python3.12/complexobject.h
/usr/include/python3.12/cpython
/usr/include/python3.12/cpython/abstract.h
/usr/include/python3.12/cpython/bytearrayobject.h
/usr/include/python3.12/cpython/bytesobject.h
/usr/include/python3.12/cpython/cellobject.h
/usr/include/python3.12/cpython/ceval.h
/usr/include/python3.12/cpython/classobject.h
/usr/include/python3.12/cpython/code.h
/usr/include/python3.12/cpython/compile.h
/usr/include/python3.12/cpython/complexobject.h
/usr/include/python3.12/cpython/context.h
/usr/include/python3.12/cpython/descrobject.h
/usr/include/python3.12/cpython/dictobject.h
/usr/include/python3.12/cpython/fileobject.h
/usr/include/python3.12/cpython/fileutils.h
/usr/include/python3.12/cpython/floatobject.h
/usr/include/python3.12/cpython/frameobject.h
/usr/include/python3.12/cpython/funcobject.h
/usr/include/python3.12/cpython/genobject.h
/usr/include/python3.12/cpython/import.h
/usr/include/python3.12/cpython/initconfig.h
/usr/include/python3.12/cpython/interpreteridobject.h
/usr/include/python3.12/cpython/listobject.h
/usr/include/python3.12/cpython/longintrepr.h
/usr/include/python3.12/cpython/longobject.h
/usr/include/python3.12/cpython/memoryobject.h
/usr/include/python3.12/cpython/methodobject.h
/usr/include/python3.12/cpython/modsupport.h
/usr/include/python3.12/cpython/object.h
/usr/include/python3.12/cpython/objimpl.h
/usr/include/python3.12/cpython/odictobject.h
/usr/include/python3.12/cpython/picklebufobject.h
/usr/include/python3.12/cpython/pthread_stubs.h
/usr/include/python3.12/cpython/pyctype.h
/usr/include/python3.12/cpython/pydebug.h
/usr/include/python3.12/cpython/pyerrors.h
/usr/include/python3.12/cpython/pyfpe.h
/usr/include/python3.12/cpython/pyframe.h
/usr/include/python3.12/cpython/pylifecycle.h
/usr/include/python3.12/cpython/pymem.h
/usr/include/python3.12/cpython/pystate.h
/usr/include/python3.12/cpython/pythonrun.h
/usr/include/python3.12/cpython/pythread.h
/usr/include/python3.12/cpython/pytime.h
/usr/include/python3.12/cpython/setobject.h
/usr/include/python3.12/cpython/sysmodule.h
/usr/include/python3.12/cpython/traceback.h
/usr/include/python3.12/cpython/tupleobject.h
/usr/include/python3.12/cpython/unicodeobject.h
/usr/include/python3.12/cpython/warnings.h
/usr/include/python3.12/cpython/weakrefobject.h
/usr/include/python3.12/datetime.h
/usr/include/python3.12/descrobject.h
/usr/include/python3.12/dictobject.h
/usr/include/python3.12/dynamic_annotations.h
/usr/include/python3.12/enumobject.h
/usr/include/python3.12/errcode.h
/usr/include/python3.12/exports.h
/usr/include/python3.12/fileobject.h
/usr/include/python3.12/fileutils.h
/usr/include/python3.12/floatobject.h
/usr/include/python3.12/frameobject.h
/usr/include/python3.12/genericaliasobject.h
/usr/include/python3.12/import.h
/usr/include/python3.12/internal
/usr/include/python3.12/internal/pycore_abstract.h
/usr/include/python3.12/internal/pycore_asdl.h
/usr/include/python3.12/internal/pycore_ast.h
/usr/include/python3.12/internal/pycore_ast_state.h
/usr/include/python3.12/internal/pycore_atexit.h
/usr/include/python3.12/internal/pycore_atomic.h
/usr/include/python3.12/internal/pycore_atomic_funcs.h
/usr/include/python3.12/internal/pycore_bitutils.h
/usr/include/python3.12/internal/pycore_blocks_output_buffer.h
/usr/include/python3.12/internal/pycore_bytes_methods.h
/usr/include/python3.12/internal/pycore_bytesobject.h
/usr/include/python3.12/internal/pycore_call.h
/usr/include/python3.12/internal/pycore_ceval.h
/usr/include/python3.12/internal/pycore_ceval_state.h
/usr/include/python3.12/internal/pycore_code.h
/usr/include/python3.12/internal/pycore_compile.h
/usr/include/python3.12/internal/pycore_condvar.h
/usr/include/python3.12/internal/pycore_context.h
/usr/include/python3.12/internal/pycore_descrobject.h
/usr/include/python3.12/internal/pycore_dict.h
/usr/include/python3.12/internal/pycore_dict_state.h
/usr/include/python3.12/internal/pycore_dtoa.h
/usr/include/python3.12/internal/pycore_emscripten_signal.h
/usr/include/python3.12/internal/pycore_exceptions.h
/usr/include/python3.12/internal/pycore_faulthandler.h
/usr/include/python3.12/internal/pycore_fileutils.h
/usr/include/python3.12/internal/pycore_fileutils_windows.h
/usr/include/python3.12/internal/pycore_floatobject.h
/usr/include/python3.12/internal/pycore_flowgraph.h
/usr/include/python3.12/internal/pycore_format.h
/usr/include/python3.12/internal/pycore_frame.h
/usr/include/python3.12/internal/pycore_function.h
/usr/include/python3.12/internal/pycore_gc.h
/usr/include/python3.12/internal/pycore_genobject.h
/usr/include/python3.12/internal/pycore_getopt.h
/usr/include/python3.12/internal/pycore_gil.h
/usr/include/python3.12/internal/pycore_global_objects.h
/usr/include/python3.12/internal/pycore_global_objects_fini_generated.h
/usr/include/python3.12/internal/pycore_global_strings.h
/usr/include/python3.12/internal/pycore_hamt.h
/usr/include/python3.12/internal/pycore_hashtable.h
/usr/include/python3.12/internal/pycore_import.h
/usr/include/python3.12/internal/pycore_initconfig.h
/usr/include/python3.12/internal/pycore_instruments.h
/usr/include/python3.12/internal/pycore_interp.h
/usr/include/python3.12/internal/pycore_intrinsics.h
/usr/include/python3.12/internal/pycore_list.h
/usr/include/python3.12/internal/pycore_long.h
/usr/include/python3.12/internal/pycore_memoryobject.h
/usr/include/python3.12/internal/pycore_moduleobject.h
/usr/include/python3.12/internal/pycore_namespace.h
/usr/include/python3.12/internal/pycore_object.h
/usr/include/python3.12/internal/pycore_object_state.h
/usr/include/python3.12/internal/pycore_obmalloc.h
/usr/include/python3.12/internal/pycore_obmalloc_init.h
/usr/include/python3.12/internal/pycore_opcode.h
/usr/include/python3.12/internal/pycore_opcode_utils.h
/usr/include/python3.12/internal/pycore_parser.h
/usr/include/python3.12/internal/pycore_pathconfig.h
/usr/include/python3.12/internal/pycore_pyarena.h
/usr/include/python3.12/internal/pycore_pyerrors.h
/usr/include/python3.12/internal/pycore_pyhash.h
/usr/include/python3.12/internal/pycore_pylifecycle.h
/usr/include/python3.12/internal/pycore_pymath.h
/usr/include/python3.12/internal/pycore_pymem.h
/usr/include/python3.12/internal/pycore_pymem_init.h
/usr/include/python3.12/internal/pycore_pystate.h
/usr/include/python3.12/internal/pycore_pythread.h
/usr/include/python3.12/internal/pycore_range.h
/usr/include/python3.12/internal/pycore_runtime.h
/usr/include/python3.12/internal/pycore_runtime_init.h
/usr/include/python3.12/internal/pycore_runtime_init_generated.h
/usr/include/python3.12/internal/pycore_signal.h
/usr/include/python3.12/internal/pycore_sliceobject.h
/usr/include/python3.12/internal/pycore_strhex.h
/usr/include/python3.12/internal/pycore_structseq.h
/usr/include/python3.12/internal/pycore_symtable.h
/usr/include/python3.12/internal/pycore_sysmodule.h
/usr/include/python3.12/internal/pycore_time.h
/usr/include/python3.12/internal/pycore_token.h
/usr/include/python3.12/internal/pycore_traceback.h
/usr/include/python3.12/internal/pycore_tracemalloc.h
/usr/include/python3.12/internal/pycore_tuple.h
/usr/include/python3.12/internal/pycore_typeobject.h
/usr/include/python3.12/internal/pycore_typevarobject.h
/usr/include/python3.12/internal/pycore_ucnhash.h
/usr/include/python3.12/internal/pycore_unicodeobject.h
/usr/include/python3.12/internal/pycore_unicodeobject_generated.h
/usr/include/python3.12/internal/pycore_unionobject.h
/usr/include/python3.12/internal/pycore_warnings.h
/usr/include/python3.12/interpreteridobject.h
/usr/include/python3.12/intrcheck.h
/usr/include/python3.12/iterobject.h
/usr/include/python3.12/listobject.h
/usr/include/python3.12/longobject.h
/usr/include/python3.12/marshal.h
/usr/include/python3.12/memoryobject.h
/usr/include/python3.12/methodobject.h
/usr/include/python3.12/modsupport.h
/usr/include/python3.12/moduleobject.h
/usr/include/python3.12/object.h
/usr/include/python3.12/objimpl.h
/usr/include/python3.12/opcode.h
/usr/include/python3.12/osdefs.h
/usr/include/python3.12/osmodule.h
/usr/include/python3.12/patchlevel.h
/usr/include/python3.12/py_curses.h
/usr/include/python3.12/pybuffer.h
/usr/include/python3.12/pycapsule.h
/usr/include/python3.12/pyconfig.h
/usr/include/python3.12/pydtrace.h
/usr/include/python3.12/pyerrors.h
/usr/include/python3.12/pyexpat.h
/usr/include/python3.12/pyframe.h
/usr/include/python3.12/pyhash.h
/usr/include/python3.12/pylifecycle.h
/usr/include/python3.12/pymacconfig.h
/usr/include/python3.12/pymacro.h
/usr/include/python3.12/pymath.h
/usr/include/python3.12/pymem.h
/usr/include/python3.12/pyport.h
/usr/include/python3.12/pystate.h
/usr/include/python3.12/pystats.h
/usr/include/python3.12/pystrcmp.h
/usr/include/python3.12/pystrtod.h
/usr/include/python3.12/pythonrun.h
/usr/include/python3.12/pythread.h
/usr/include/python3.12/pytypedefs.h
/usr/include/python3.12/rangeobject.h
/usr/include/python3.12/setobject.h
/usr/include/python3.12/sliceobject.h
/usr/include/python3.12/structmember.h
/usr/include/python3.12/structseq.h
/usr/include/python3.12/sysmodule.h
/usr/include/python3.12/traceback.h
/usr/include/python3.12/tracemalloc.h
/usr/include/python3.12/tupleobject.h
/usr/include/python3.12/typeslots.h
/usr/include/python3.12/unicodeobject.h
/usr/include/python3.12/warnings.h
/usr/include/python3.12/weakrefobject.h
/usr/lib64/libpython3.12.so
/usr/lib64/pkgconfig/python-3.12-embed.pc
/usr/lib64/pkgconfig/python-3.12.pc
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/Makefile
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/Setup
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/Setup.bootstrap
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/Setup.local
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/Setup.stdlib
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/config.c
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/config.c.in
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/install-sh
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/libpython3.12.so
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/makesetup
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/python-config.py
/usr/lib64/python3.12/config-3.12-aarch64-linux-gnu/python.o
/usr/share/gdb
/usr/share/gdb/auto-load
/usr/share/gdb/auto-load/usr
/usr/share/gdb/auto-load/usr/lib64
/usr/share/gdb/auto-load/usr/lib64/libpython3.12.so.1.0-gdb.py


Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Dec 11 00:02:06 2024