From Fedora Project Wiki
No edit summary |
(add sinpi patch) |
||
(98 intermediate revisions by 8 users not shown) | |||
Line 12: | Line 12: | ||
! Upstream status | ! Upstream status | ||
|- | |- | ||
| | | 446 || Resolve sinpi name clash with libm || Python 3.6 in Fedora || [https://github.com/python/cpython/pull/12027 Fixed upstream in 3.12+] | ||
| [] | |- | ||
| 445 || CVE-2024-12254 - _SelectorSocketTransport.writelines is missing a flow control check allowing writes to fill memory until exhausted || Python 3.12 and older in Fedora and RHEL || [https://github.com/python/cpython/issues/127655 Fixed upstream in 3.12+] | |||
|- | |||
| 444 || CVE-2024-11168 - validation of bracketed hosts found by urlsplit || Python 3.10 and older in Fedora and RHEL || [https://github.com/python/cpython/issues/103848 Fixed upstream in 3.11+] | |||
|- | |||
| 443 || CVE-2024-9287 - Non-quoted paths in venv activation scripts || Python 3.6 in Fedora and RHEL || [https://github.com/python/cpython/issues/124651 Fixed upstream in 3.9+] | |||
|- | |||
| 442 || Require network resource in test_urllib2.HandlerTests.test_ftp_error || Python 3.14.0a1 in Fedora || [https://github.com/python/cpython/pull/125586 Fixed upstream] | |||
|- | |||
| 441 || Make vectorized versions of Blake2 available on x86, too || Python 3.14.0a1 in Fedora || [https://github.com/python/cpython/pull/125244 Open upstream] | |||
|- | |||
| 440 || Pass main_tstate to update_global_state_for_extension() || Python 3.13.0rc2 in Fedora || [https://github.com/python/cpython/pull/124164 Fixed upstream] | |||
|- | |||
| 439 || Handle an empty AST body when reporting tracebacks || Python 3.13.0rc2 in Fedora || [https://github.com/python/cpython/issues/122145 Fixed upstream] | |||
|- | |||
| 438 || Fix ThreadedVSOCKSocketStreamTest || Python 3.8 to 3.11 in Fedora || [https://github.com/python/cpython/pull/119465 Fixed upstream on 3.12+] | |||
|- | |||
| 437 || CVE-2024-6232 - Catastrophic backtracking in tarfile || Everywhere || [https://github.com/python/cpython/issues/121285 Fixed upstream] | |||
|- | |||
| 436 || CVE-2024-8088 - Sanitize names in zipfile.Path || Everywhere || [https://github.com/python/cpython/issues/122905 Fixed upstream] | |||
|- | |||
| 435 || CVE-2024-6923 - newlines in email headers || Everywhere || [https://github.com/python/cpython/issues/121650 Fixed upstream] | |||
|- | |||
| 434 || gh-122728: Fix SystemError in PyEval_GetLocals() || Python 3.13.0rc1 in Fedora || [https://github.com/python/cpython/pull/122735 Fixed upstream] | |||
|- | |||
| 433 || gh-122300: Preserve AST nodes for format specifiers with single elements || Python 3.13.0b4 in Fedora || [https://github.com/python/cpython/pull/122364 Fixed upstream] | |||
|- | |||
| 432 || gh-122014: Account with abi_thread in test_sysconfig.test_user_similar || Python 3.13.0b4 in Fedora || [https://github.com/python/cpython/pull/122017 Fixed upstream] | |||
|- | |||
| 431 || CVE-2024-4032 - incorrect IPv4 and IPv6 private ranges || Everywhere || [https://github.com/python/cpython/issues/113171 Fixed upstream] | |||
|- | |||
| 430 || Fix ~/.python_history emptying || Python 3.13.0b3 in Fedora || [https://github.com/python/cpython/pull/121255 Fixed upstream] | |||
|- | |||
| 429 || Fix JIT build race condition || Python 3.13.0b2 in Fedora || [https://github.com/python/cpython/pull/120690 Fixed upstream] | |||
|- | |||
| 428 || Fix PGO tests in free-threaded build || Python 3.13.0b1 in Fedora || [https://github.com/python/cpython/pull/118862 Fixed upstream] | |||
|- | |||
| 427 || CVE-2024-0450 || Python 3 in CentOS Stream 8 || [https://github.com/python/cpython/issues/109858 Fixed upstream in 3.8+] | |||
|- | |||
| 426 || CVE-2023-6597 || Python 3 in CentOS Stream 8 || [https://github.com/python/cpython/issues/91133 Fixed upstream in 3.8+] | |||
|- | |||
| 425 || Fix test_makefile_test_folders || Python 3.13.0a6, 3.12 in Fedora || [https://github.com/python/cpython/issues/117711 Fixed upstream] | |||
|- | |||
| 424 || Remove internal usage of @LIBPYTHON@ || Python 3.13.0a5 in Fedora || [https://github.com/python/cpython/pull/116746 Fixed upstream] | |||
|- | |||
| 423 || Add triplets for mips-r6 and riscv || Python 3.6 in Fedora || [https://github.com/python/cpython/pull/6655 Fixed upstream for 3.8+] | |||
|- | |||
| 422 || Fix tests for XMLPullParser with Expat 2.6.0 || Python 3.12 and older in Fedora || [https://github.com/python/cpython/issues/115133 Fixed upstream] | |||
|- | |||
| 421 || Fix crash involving exhausted list iterator || Python 3.13.0a4 in Fedora || [https://github.com/python/cpython/commit/520403ed4cdf4890d63403c9cf01ac63233f5ef4 Fixed upstream in main (3.13)] | |||
|- | |||
| 420 || Add again _PyCFunctionFastWithKeywords name || Python 3.13.0a4 in Fedora || [https://github.com/python/cpython/pull/115561 Fixed upstream in main (3.13)] | |||
|- | |||
| 419 || Fix comparison of ZLIB_RUNTIME_VERSION with non-int suffix || Python 3.10, 3.9, 3.8, 3.6 in Fedora || [https://github.com/python/cpython/pull/112771 Fixed upstream in 3.8+] | |||
|- | |||
| 418 || Remove generating sbom from make regen-all || Python 3.13.0a3+4 and 3.12.2 in Fedora || Downstream only | |||
|- | |||
| 417 || GCC 14 tkinter -Wincompatible-pointer-types || Python 2.7 in Fedora || Downstream only | |||
|- | |||
| 416 || Casting issue in Python 3.12 || unused at the end || | |||
|- | |||
| 415 || CVE-2023-27043 in email || Everywhere in Fedora and RHEL || [https://github.com/python/cpython/pull/111116 Fixed upstream in main (3.13)] | |||
|- | |||
| 414 || Backport of skip_on_s390x decorator || Python 3.6 in RHEL 8, Python 3.9 in RHEL 9 || [https://github.com/python/cpython/commit/9475dc0b8d2a0db40278bbcb88a89b1265a77ec9 Fixed upstream in 3.11.0a6] | |||
|- | |||
| 413 || CVE-2022-48564 || Python 3.6 in RHEL 8 || [https://github.com/python/cpython/commit/a63234c49b2fbfb6f0aca32525e525ce3d43b2b4 Fixed upstream in 3.6.13] | |||
|- | |||
| 412 || Include new dir test/regrtestdata in the installation || Python 3.11.7 in Fedora || [https://github.com/python/cpython/pull/112784 Fixed upstream in 3.11.8] | |||
|- | |||
| 411 || Intern Statically Allocated Strings Globally || Considered for Python 3.12.0 in Fedora, but was not shipped before 3.12.1 || [https://github.com/python/cpython/pull/110713 Fixed upstream in 3.12.1] | |||
|- | |||
| 410 || Fix implicit function declarations in configure || Python 3.6 and 2.7 in Fedora || [https://github.com/python/cpython/issues/86764 Fixed upstream in 3.8+] | |||
|- | |||
| 409 || Fix broken nice configure test (missing stdlib.h and unistd.h includes) || Python 3.6 in Fedora || [https://github.com/python/cpython/issues/57706 Fixed upstream in 3.7+] | |||
|- | |||
| 408 || CVE-2022-48560 || Python 3.6 and 2.7 in RHEL 8 || [https://github.com/python/cpython/issues/83602 Fixed upstream in 3.6.11+] | |||
|- | |||
| 407 || Fix implicit int compiler warning in configure check for PTHREAD_SCOPE_SYSTEM || Python 2.7, 3.9, and 3.8 in Fedora || [https://github.com/python/cpython/issues/99086 Fixed upstream in 3.10+] | |||
|- | |||
|- | |||
| 406 || CVE-2022-48565 || Python 2.7 in Fedora and RHEL || Fixed upstream in 3.6+. | |||
|- | |||
|- | |||
| 405 || Fix C99 errors: declare functions || Python 2.7 in Fedora || Downstream only. | |||
|- | |||
|- | |||
| 404 || CVE-2023-40217 + fixups || Python in RHEL || [https://github.com/python/cpython/issues/108310 Fixed upstream in 3.8+] | |||
|- | |||
|- | |||
| 403 || Fix TLS version in tests of Python 2.7 to support OpenSSL 3.1 || Python 2.7 in Fedora || [https://github.com/python/cpython/pull/104811 Fixed upstream in 3.12.0b2+] | |||
|- | |||
|- | |||
| 402 || Add PyType_GetDict() || Python 3.12.0b3 in Fedora || [https://github.com/python/cpython/pull/105747 Proposed upstream] | |||
|- | |||
|- | |||
| 401 || Tests: Use setuptools+wheel from sysconfig.get_config_var('WHEEL_PKG_DIR') if set || Python 3.12.0b1 in Fedora || [https://github.com/python/cpython/pull/105056 Proposed upstream] | |||
|- | |||
| 400 || Revert removal of imp and find_module modules || Python 3.12.0b1 in Fedora || Downstream only | |||
|- | |||
| 399 || CVE-2023-24329 in urllib.parse || Everywhere || [https://github.com/python/cpython/commit/2f630e1ce18ad2e07428296532a68b11dc66ad10 Fixed upstream] | |||
|- | |||
|- | |||
| 398 || gh-103295: fix stack overwrite on 32-bit in perf map test harness || Python 3.12.0b1 in Fedora || [https://github.com/python/cpython/pull/104811 Fixed upstream in 3.12.0b2+] | |||
|- | |||
|- | |||
| 397 || CVE-2007-4559, PEP 706: Filter for tarfile.extractall || RHEL (TBD) || Not yet | |||
|- | |||
|- | |||
| 396 || gh-100160: Remove any deprecation warnings in asyncio.get_event_loop() || Python 3.11.1 in Fedora (and possibly RHEL) || [https://github.com/python/cpython/pull/100412 Fixed upstream in 3.11.2+] | |||
|- | |||
|- | |||
| 395 || GH-100133: fix asyncio subprocess losing stderr and stdout output || Python 3.11.1 in Fedora (and possibly RHEL) || [https://github.com/python/cpython/pull/100398 Fixed upstream in 3.11.2+] | |||
|- | |||
|- | |||
| 394 ||CVE-2022-45061 - CPU denial of service via inefficient IDNA decoder || Python in RHEL || [https://github.com/python/cpython/issues/98433 Fixed upstream on 3.7+] | |||
|- | |||
|- | |||
| 393 || IDLE - fix buggy macosx patch (caused [https://bugzilla.redhat.com/show_bug.cgi?id=2142602 rhbz#2142602]) || Python 3.10.8 in Fedora || [https://github.com/python/cpython/commit/928b5f1bdeb4f9ab243ccfdf0aa0ca52839974f9 Fixed upstream] | |||
|- | |||
|- | |||
| 392 || CVE-2022-37454 XKCP: buffer overflow in the SHA-3 reference implementation || Python 3.6 in Fedora || [https://github.com/python/cpython/issues/98517 Fixed upstream on 3.7+] | |||
|- | |||
|- | |||
| 391 || CVE-2022-42919 - local privilege escalation via the multiprocessing forkserver start method || Python 3.9+ in Fedora and RHEL 8/9 || [https://github.com/python/cpython/issues/97514 Fixed upstream] | |||
|- | |||
|- | |||
| 390 || Fix make regen-test-levenshtein for out-of-tree builds || Python 3.12.0a1 in Fedora || [https://github.com/python/cpython/pull/98779 Proposed upstream] | |||
|- | |||
|- | |||
| 389 || Don't let --with-system-libmpdec / --with-system-expat use the vendored headers || Python 3.12.0a1 in Fedora || [https://github.com/python/cpython/pull/98711 Proposed upstream] | |||
|- | |||
|- | |||
| 388 || gzip/zlib buffer size on s390x - [https://bugzilla.redhat.com/show_bug.cgi?id=2131172 RHBZ#2131172] || Python 3.6-3.10 in RHEL (TBD) || No | |||
|- | |||
|- | |||
| 387 || CVE-2020-10735: large int DoS || Python 2.7/3.6 in Fedora/RHEL || [https://github.com/python/cpython/pull/96499 Fixed upstream in 3.7+] | |||
|- | |||
|- | |||
| 386 || CVE-2021-28861: open redirection in http.server || Python 3.6 in Fedora and 3.6+ in RHEL || [https://github.com/python/cpython/pull/93879 Fixed upstream in 3.7+] | |||
|- | |||
|- | |||
| 385 || Revert "bpo-23689: re module, fix memory leak..." to fix re slowdown || Python 3.11.0b3 in Fedora || [https://github.com/python/cpython/pull/93928 Reverted upstream] | |||
|- | |||
|- | |||
| 384 || Clear and reset sqlite3 statements properly in cursor iternext || Python 3.11.0b3 in Fedora || [https://github.com/python/cpython/pull/94042 Fixed upstream] | |||
|- | |||
|- | |||
| 383 || PyTuple_SET_ITEM fails to compile in C++ source || Python 3.11.0b3 in Fedora || [https://github.com/python/cpython/issues/93442 Fixed upstream] | |||
|- | |||
|- | |||
| 382 || CVE-2015-20107 || Fedora and RHEL || [https://github.com/python/cpython/commit/b9509ba7a9c668b984dab876c7926fe1dc5aa0ba Fixed upstream] | |||
|- | |||
|- | |||
| 381 || Ensure that AST nodes without explicit end positions can be compiled || Fedora python3.11 b2 || https://github.com/pytest-dev/pytest/issues/10008 | |||
|- | |||
| 380 || Update SSL certs || RHEL || fixed upstream [https://github.com/python/cpython/commit/49d65958e13db03b9a4240d8bdaff1a4be69a1d7 here] and [https://github.com/python/cpython/commit/1f34aece28d143edb94ca202e661364ca394dc8c here] | |||
|- | |||
| 379 || Fix OpenSSL version check for 3.0.1 || Fedora python3.8 || [https://github.com/python/cpython/commit/a9b3edb66f2976a5895b6399ee905ac2f27718ac commit] | |||
|- | |||
|- | |||
| 378 || Fix expat test suite || Fedora python2.7, python3.6+ || [https://bugs.python.org/issue46811 Fixed upstream] | |||
|- | |||
|- | |||
| 377 || CVE-2022-0391 || RHEL, Fedora (Py 2) || [https://bugs.python.org/issue43882 Fixed upstream] | |||
|- | |||
|- | |||
| 376|| Remove AC_C_CHAR_UNSIGNED / __CHAR_UNSIGNED__ || python3.10 || [https://github.com/python/cpython/commit/4371fbd4328781496f5f2c6938c4d9a84049b187 commit] | |||
|- | |||
|- | |||
| 375|| Fix test to enable build in i686 || python2.7, 3.6 || Downstream only | |||
|- | |||
|- | |||
| 374|| Fix asyncio initialisation guard || python3.10 || [https://github.com/python/cpython/commit/9d18045804f6db8224be14f7a618b77977f90144 commit] | |||
|- | |||
|- | |||
| 373|| Revert "bpo-40521: Per-interpreter interned strings || python3.10 || [https://github.com/python/cpython/commit/72c260cf0c71eb01eb13100b751e9d5007d00b70 commit] | |||
|- | |||
|- | |||
| 372|| CVE-2021-4189 || RHEL, Fedora (Py 2) | [https://bugs.python.org/issue43285 Fixed upstream] | |||
| | |||
|- | |||
|- | |||
| 371|| Revert Fix threading._shutdown() for the main thread || python3.9+ | [https://github.com/python/cpython/commit/94d19f606fa18a1c4d2faca1caf2f470a8ce6d46 commit] | |||
|- | |||
|- | |||
| 370|| Use monotonic clock for the GIL || RHEL | [https://bugs.python.org/issue12822 Fixed upstream] | |||
| | |||
|- | |||
|- | |||
| 369|| Change shouldRollover() methods to only rollover regular files || RHEL | [https://bugs.python.org/issue45401 Fixed upstream] | |||
| | |||
|- | |- | ||
| 368 || CVE-2021-3737 || RHEL, Fedora (Py 2) || [https://bugs.python.org/issue44022 Fixed upstream] | | 368 || CVE-2021-3737 || RHEL, Fedora (Py 2) || [https://bugs.python.org/issue44022 Fixed upstream] | ||
Line 33: | Line 223: | ||
| 362 || Reentrant threading.enumerate() call || RHEL || [https://bugs.python.org/issue44422 Fixed upstream] | | 362 || Reentrant threading.enumerate() call || RHEL || [https://bugs.python.org/issue44422 Fixed upstream] | ||
|- | |- | ||
| 361|| | | 361|| OpenSSL 3.0.0 compatibility || RHEL and python2.7 in Fedora | ||
| | | | ||
|- | |- | ||
| 360|| | | 360|| CVE-2021-3426 || RHEL | [https://bugs.python.org/issue42988 Fixed upstream] | ||
| [] | | | ||
|- | |- | ||
| 359 || CVE-2021-23336 || RHEL | | 359 || CVE-2021-23336 || RHEL | ||
Line 51: | Line 241: | ||
| [https://github.com/python/cpython/commit/c71c54c62600fd721baed3c96709e3d6e9c33817 commit] | | [https://github.com/python/cpython/commit/c71c54c62600fd721baed3c96709e3d6e9c33817 commit] | ||
|- | |- | ||
| 355|| | | 355|| CVE-2020-27619 || RHEL | [https://bugs.python.org/issue41944 Fixed upstream] | ||
| | | | ||
|- | |- | ||
| 354 || CVE-2020-26116 - HTTP request method CRLF injection in httplib || Python 2.7, 3.4 | | 354 || CVE-2020-26116 - HTTP request method CRLF injection in httplib || Python 2.7, 3.4 |
Latest revision as of 13:29, 18 December 2024
The Patches
Pushing patches upstream is tracked in the page: Upstream Python Patches.
Patch No. | Patch description | Where | Upstream status |
---|---|---|---|
446 | Resolve sinpi name clash with libm | Python 3.6 in Fedora | Fixed upstream in 3.12+ |
445 | CVE-2024-12254 - _SelectorSocketTransport.writelines is missing a flow control check allowing writes to fill memory until exhausted | Python 3.12 and older in Fedora and RHEL | Fixed upstream in 3.12+ |
444 | CVE-2024-11168 - validation of bracketed hosts found by urlsplit | Python 3.10 and older in Fedora and RHEL | Fixed upstream in 3.11+ |
443 | CVE-2024-9287 - Non-quoted paths in venv activation scripts | Python 3.6 in Fedora and RHEL | Fixed upstream in 3.9+ |
442 | Require network resource in test_urllib2.HandlerTests.test_ftp_error | Python 3.14.0a1 in Fedora | Fixed upstream |
441 | Make vectorized versions of Blake2 available on x86, too | Python 3.14.0a1 in Fedora | Open upstream |
440 | Pass main_tstate to update_global_state_for_extension() | Python 3.13.0rc2 in Fedora | Fixed upstream |
439 | Handle an empty AST body when reporting tracebacks | Python 3.13.0rc2 in Fedora | Fixed upstream |
438 | Fix ThreadedVSOCKSocketStreamTest | Python 3.8 to 3.11 in Fedora | Fixed upstream on 3.12+ |
437 | CVE-2024-6232 - Catastrophic backtracking in tarfile | Everywhere | Fixed upstream |
436 | CVE-2024-8088 - Sanitize names in zipfile.Path | Everywhere | Fixed upstream |
435 | CVE-2024-6923 - newlines in email headers | Everywhere | Fixed upstream |
434 | gh-122728: Fix SystemError in PyEval_GetLocals() | Python 3.13.0rc1 in Fedora | Fixed upstream |
433 | gh-122300: Preserve AST nodes for format specifiers with single elements | Python 3.13.0b4 in Fedora | Fixed upstream |
432 | gh-122014: Account with abi_thread in test_sysconfig.test_user_similar | Python 3.13.0b4 in Fedora | Fixed upstream |
431 | CVE-2024-4032 - incorrect IPv4 and IPv6 private ranges | Everywhere | Fixed upstream |
430 | Fix ~/.python_history emptying | Python 3.13.0b3 in Fedora | Fixed upstream |
429 | Fix JIT build race condition | Python 3.13.0b2 in Fedora | Fixed upstream |
428 | Fix PGO tests in free-threaded build | Python 3.13.0b1 in Fedora | Fixed upstream |
427 | CVE-2024-0450 | Python 3 in CentOS Stream 8 | Fixed upstream in 3.8+ |
426 | CVE-2023-6597 | Python 3 in CentOS Stream 8 | Fixed upstream in 3.8+ |
425 | Fix test_makefile_test_folders | Python 3.13.0a6, 3.12 in Fedora | Fixed upstream |
424 | Remove internal usage of @LIBPYTHON@ | Python 3.13.0a5 in Fedora | Fixed upstream |
423 | Add triplets for mips-r6 and riscv | Python 3.6 in Fedora | Fixed upstream for 3.8+ |
422 | Fix tests for XMLPullParser with Expat 2.6.0 | Python 3.12 and older in Fedora | Fixed upstream |
421 | Fix crash involving exhausted list iterator | Python 3.13.0a4 in Fedora | Fixed upstream in main (3.13) |
420 | Add again _PyCFunctionFastWithKeywords name | Python 3.13.0a4 in Fedora | Fixed upstream in main (3.13) |
419 | Fix comparison of ZLIB_RUNTIME_VERSION with non-int suffix | Python 3.10, 3.9, 3.8, 3.6 in Fedora | Fixed upstream in 3.8+ |
418 | Remove generating sbom from make regen-all | Python 3.13.0a3+4 and 3.12.2 in Fedora | Downstream only |
417 | GCC 14 tkinter -Wincompatible-pointer-types | Python 2.7 in Fedora | Downstream only |
416 | Casting issue in Python 3.12 | unused at the end | |
415 | CVE-2023-27043 in email | Everywhere in Fedora and RHEL | Fixed upstream in main (3.13) |
414 | Backport of skip_on_s390x decorator | Python 3.6 in RHEL 8, Python 3.9 in RHEL 9 | Fixed upstream in 3.11.0a6 |
413 | CVE-2022-48564 | Python 3.6 in RHEL 8 | Fixed upstream in 3.6.13 |
412 | Include new dir test/regrtestdata in the installation | Python 3.11.7 in Fedora | Fixed upstream in 3.11.8 |
411 | Intern Statically Allocated Strings Globally | Considered for Python 3.12.0 in Fedora, but was not shipped before 3.12.1 | Fixed upstream in 3.12.1 |
410 | Fix implicit function declarations in configure | Python 3.6 and 2.7 in Fedora | Fixed upstream in 3.8+ |
409 | Fix broken nice configure test (missing stdlib.h and unistd.h includes) | Python 3.6 in Fedora | Fixed upstream in 3.7+ |
408 | CVE-2022-48560 | Python 3.6 and 2.7 in RHEL 8 | Fixed upstream in 3.6.11+ |
407 | Fix implicit int compiler warning in configure check for PTHREAD_SCOPE_SYSTEM | Python 2.7, 3.9, and 3.8 in Fedora | Fixed upstream in 3.10+ |
406 | CVE-2022-48565 | Python 2.7 in Fedora and RHEL | Fixed upstream in 3.6+. |
405 | Fix C99 errors: declare functions | Python 2.7 in Fedora | Downstream only. |
404 | CVE-2023-40217 + fixups | Python in RHEL | Fixed upstream in 3.8+ |
403 | Fix TLS version in tests of Python 2.7 to support OpenSSL 3.1 | Python 2.7 in Fedora | Fixed upstream in 3.12.0b2+ |
402 | Add PyType_GetDict() | Python 3.12.0b3 in Fedora | Proposed upstream |
401 | Tests: Use setuptools+wheel from sysconfig.get_config_var('WHEEL_PKG_DIR') if set | Python 3.12.0b1 in Fedora | Proposed upstream |
400 | Revert removal of imp and find_module modules | Python 3.12.0b1 in Fedora | Downstream only |
399 | CVE-2023-24329 in urllib.parse | Everywhere | Fixed upstream |
398 | gh-103295: fix stack overwrite on 32-bit in perf map test harness | Python 3.12.0b1 in Fedora | Fixed upstream in 3.12.0b2+ |
397 | CVE-2007-4559, PEP 706: Filter for tarfile.extractall | RHEL (TBD) | Not yet |
396 | gh-100160: Remove any deprecation warnings in asyncio.get_event_loop() | Python 3.11.1 in Fedora (and possibly RHEL) | Fixed upstream in 3.11.2+ |
395 | GH-100133: fix asyncio subprocess losing stderr and stdout output | Python 3.11.1 in Fedora (and possibly RHEL) | Fixed upstream in 3.11.2+ |
394 | CVE-2022-45061 - CPU denial of service via inefficient IDNA decoder | Python in RHEL | Fixed upstream on 3.7+ |
393 | IDLE - fix buggy macosx patch (caused rhbz#2142602) | Python 3.10.8 in Fedora | Fixed upstream |
392 | CVE-2022-37454 XKCP: buffer overflow in the SHA-3 reference implementation | Python 3.6 in Fedora | Fixed upstream on 3.7+ |
391 | CVE-2022-42919 - local privilege escalation via the multiprocessing forkserver start method | Python 3.9+ in Fedora and RHEL 8/9 | Fixed upstream |
390 | Fix make regen-test-levenshtein for out-of-tree builds | Python 3.12.0a1 in Fedora | Proposed upstream |
389 | Don't let --with-system-libmpdec / --with-system-expat use the vendored headers | Python 3.12.0a1 in Fedora | Proposed upstream |
388 | gzip/zlib buffer size on s390x - RHBZ#2131172 | Python 3.6-3.10 in RHEL (TBD) | No |
387 | CVE-2020-10735: large int DoS | Python 2.7/3.6 in Fedora/RHEL | Fixed upstream in 3.7+ |
386 | CVE-2021-28861: open redirection in http.server | Python 3.6 in Fedora and 3.6+ in RHEL | Fixed upstream in 3.7+ |
385 | Revert "bpo-23689: re module, fix memory leak..." to fix re slowdown | Python 3.11.0b3 in Fedora | Reverted upstream |
384 | Clear and reset sqlite3 statements properly in cursor iternext | Python 3.11.0b3 in Fedora | Fixed upstream |
383 | PyTuple_SET_ITEM fails to compile in C++ source | Python 3.11.0b3 in Fedora | Fixed upstream |
382 | CVE-2015-20107 | Fedora and RHEL | Fixed upstream |
381 | Ensure that AST nodes without explicit end positions can be compiled | Fedora python3.11 b2 | https://github.com/pytest-dev/pytest/issues/10008 |
380 | Update SSL certs | RHEL | fixed upstream here and here |
379 | Fix OpenSSL version check for 3.0.1 | Fedora python3.8 | commit |
378 | Fix expat test suite | Fedora python2.7, python3.6+ | Fixed upstream |
377 | CVE-2022-0391 | RHEL, Fedora (Py 2) | Fixed upstream |
376 | Remove AC_C_CHAR_UNSIGNED / __CHAR_UNSIGNED__ | python3.10 | commit |
375 | Fix test to enable build in i686 | python2.7, 3.6 | Downstream only |
374 | Fix asyncio initialisation guard | python3.10 | commit |
373 | Revert "bpo-40521: Per-interpreter interned strings | python3.10 | commit |
372 | CVE-2021-4189 | Fixed upstream | |
371 | Revert Fix threading._shutdown() for the main thread | commit | |
370 | Use monotonic clock for the GIL | Fixed upstream | |
369 | Change shouldRollover() methods to only rollover regular files | Fixed upstream | |
368 | CVE-2021-3737 | RHEL, Fedora (Py 2) | Fixed upstream |
367 | sysconfig's posix_user scheme has different platlib value to distutils's unix_user | Python3.10.0rc2 | Fix merged, will be in Python 3.10.0 final |
366 | CVE-2021-3733 | RHEL, Fedora (Py 2) | Fixed upstream |
365 | CVE-2021-29921 | RHEL | Fixed upstream |
364 | Don't call PyThread_exit_thread | RHEL | Fixed upstream |
363 | Reset DeprecationWarning filters in test_importlib.test_entry_points_by_index | Python 3.10.0b3 | Proposed upstream |
362 | Reentrant threading.enumerate() call | RHEL | Fixed upstream |
361 | OpenSSL 3.0.0 compatibility | RHEL and python2.7 in Fedora | |
360 | CVE-2021-3426 | Fixed upstream | |
359 | CVE-2021-23336 | RHEL | Fixed upstream |
358 | Align pymaloc & PyGC_Head to 16 bits on 64-bit platforms | Python 3.6 and below in Fedora | Fixed upstream |
357 | CVE-2021-3177 | Python 3.8 and 3.9 in Fedora | issue with links to PRs |
356 | Backport of -ka options for pathfix.py |
Python 3 in RHEL 8 only | commit |
355 | CVE-2020-27619 | Fixed upstream | |
354 | CVE-2020-26116 - HTTP request method CRLF injection in httplib | Python 2.7, 3.4 | Fixed upstream in 3.5+ |
353 | Alternative architectures' names | All supported Pythons in Fedora/RHEL | Downstream only |
352 | CVE-2020-14422 DoS via inefficiency in IPv{4,6}Interface classes (bpo-41004) | Slated for python3.9 b5 & all maintained releases (3.5+) | |
351 | CVE-2019-20907 Fix infinite loop in the tarfile module (bpo-39017) | Slated for python3.9 b5 & all maintained releases (3.5+) | |
350 | Fix SQLite tests (bpo-40784) | python3.9 | Slated for python3.9 b2, python3.8 |
349 | fix tp_traverse visiting Py_TYPE(self) (bpo-40217, PySide2 bug) | python3.9 b1 | Slated for python3.9 b2 |
348 | never enable lchmod on Linux | python35 | bacport of commit, upstream is doing only security fixes for python35 |
347 | Reserved for lbalhar | SCL7 | fixed in 3.9 |
346 | CVE-2020-8492 | [] | |
345 | test_site fixes | [] | |
344 | CVE-2019-16935 | [] | |
343 | faulthandler fix for GCC 10 | python34, 35 and 36 | fixed upstream |
342 | Reserved for torsava | SCL7 | Downstream only |
341 | bpo39460 backport | python39 | fixed on master, will be in 3.9.0a4 |
340 | bpo39459 backport | python39 | fixed on master, will be in 3.9.0a4 |
339 | bpo16575 backport | python3 (3.7, 3.8) | fixed in git, will be in 3.7.7, 3.8.2. |
338 | test_gdb fixes for LTO | [] | |
337 | Reserved for torsava | [] | |
336 | Fix invocation of pip 19+ in a Python test | python3 in Fedora, EL | Downstream only |
335 | Add options to keep/add flags to pathfix | python3 in Fedora | Fixed upstream |
334 | Fix faulthandler.register(chain=True) stack | python3 in RHEL7 | Fixed upstream |
333 | Reduce the number of tests run during PGO | python3 in RHEL8 | Fixed upstream |
332 | CVE-2019-16056 | python and python3 in RHEL7 | Fixed upstream |
331 | Fix StructUnionType_paramfunc() | python 3.8.0b4 | Fixed upstream |
330 | CVE-2018-20852 | python and python3 in RHEL7 | Fixed upstream |
329 | Support OpenSSL FIPS mode | python3 in RHEL8 | Downstream only, partially upstream |
328 | Restore to TIMESTAMP invalidation mode as default in rpmbubild | python3, python38 | Downstream only |
327 | Enable TLS 1.3 post-handshake authentication in http.client | python3 on RHEL8 | Fixed upstream |
326 | On TLS 1.3 Don't set the post-handshake authentication verify flag on client side | python3 on RHEL8 | Fixed upstream |
325 | CVE-2019-9948 | pythons in RHEL7 and RHEL8 | Fixed upstream |
324 | CVE-2019-9740, CVE-2019-9947 fix | python3 | Fixed upstream |
323 | Coverity scan fixes | python2 and python3 in RHEL8 | Fixed upstream, bpo issues: 36367, 36292, 36291, 36262, 36289, 36212, 36147, 36186, 35680 |
322 | Skip test_ssl tests on OpenSSL 1.1.1 | Python 3.4 and 3.5 | PR for Python 3.5 |
321 | OpenSSL 1.1.1 support for Python 3.4 | Python 3.4 in Fedora | Rejected upstream and 3.4 reached EOL |
320 | CVE-2019-9636 and CVE-2019-10160 (regression of the first one) | Python <=3.4 and 2.7 in Fedora and RHEL | Fixed upstream: bpo-36216 and bpo-36742 |
319 | Fix test_tarfile on ppc64 | Python 3.6 in RHEL8 | Fixed upstream: bpo-35772 |
318 | test_ssl fixes for TLS 1.3 and OpenSSL 1.1.1 | Python 3.6 in RHEL | bpo-33618, bpo-32947 |
317 | CVE-2019-5010 fix | all CPythons | Fixed upstream |
316 | mark bdist_wininst as unsupported (for the tests) | python3 | |
315 | Fix FTBFS in test_email (mktime overflow) | python3 on F30+ | Fixed upstream |
314 | Python can sometimes create incorrect .pyc files: check I/O error (rhbz#1629982) | python in RHEL7 | Fixed upstream |
313 | Verify the value of '-s' when execute the CLI of cProfile (rhbz#1160640) | python in RHEL7 | Fixed upstream |
312 | Workaround for bz1644936 (reverts 3b699932e5ac3 temporarily) | not used | downstream workaround |
311 | Fix test_dbm_gnu for gdbm 1.15 | python3 in Fedora | Fixed upstream |
310 | CVE-2018-14647 | all cpythons | Fixed upstream |
309 | CVE-2018-1000802 | python2 | Fixed upstream |
308 | TLS 1.3 related upstream fixes | python3 and python36 in F29+ | Fixed upstream |
307 | Allow to call Py_Main() after Py_Initialize() | python3 in F29+ | Fixed upstream |
306 | Fix OSERROR 17 upon semaphore creation | python in RHEL7 | Fixed upstream |
305 | Remove 3DES from the cipher list to mitigate CVE-2016-2183 (sweet32) | python in RHEL7 | Fixed upstream |
304 | Pass os.environ to new process in test_posix::test_specify_environment | python37 | Fixed upstream |
303 | CVE-2018-1060 and CVE-2018-1061 | python in RHEL7 | Fixed upstream |
302 | Fix multiprocessing regression on newer glibcs | 3.3-3.7 in F29+ | Fixed upstream |
301 | Tools/scripts/pathfix.py: Add -n option for no backup~ | python3 in F27+ | Fixed upstream |
300 | Append the collection's name to Python's shared library file name | Python Software Collections | Downstream only |
299 | Fix ssl module, Python 2.7 doesn't have Py_MAX (fixup for 298) | python2 in F26+ | Fixed upstream |
298 | Do not send IP addresses in SNI TLS extension | python2 and python3 in F26+ | Fixed upstream |
297 | Fix -Wint-in-bool-context warnings - issue31474 | Python 2.7.14 | To be fixed in 2.7.15 |
296 | Re-add the private _set_hostport api to httplib |
Python in RHEL/CentOS 7.5 | downstream only |
295 | Fix http.client.HTTPConnection tunneling and HTTPConnection.set_tunnel with default port | Python in RHEL/CentOS 7.5 | Fixed upstream (a b c)] |
294 | Define TLS cipher suite on build time | Python 3 on F28+ | Fixed upstream |
293 | Fix for GC info alignment issue -- bug 1540316 | python2 in F28+ | Fixed upstream |
292 | Restore the public PyExc_RecursionErrorInst symbol | Python 3 in F26+ | Reported upstream |
291 | Fix undefined references to dlopen / dlsym when using strict symbol checks | Python 3 in F28+ | Fixed upstream |
290 | Fix a segfault with test_crypt when using libxcrypt instead of libcrypt | Python 3 in F28+ | Fixed upstream |
289 | make nis module build with new glibc | python3 in F28+, python37; python2 in F28+ | [] |
288 | See User:Pviktori/Avoid_usr_bin_python_in_RPM_Build | python2 in F28+ (not yet) | downstream only |
287 | Fix hanging of all threads when trying to access an inaccessible NFS server. | Python in RHEL/CentOS 7.5 | Fixed upstream |
286 | CVE-2017-1000158 | python in F25, python3 in F25, python26,33..35 | Fixed upstream |
285 | fix nondeterministic read in test_pty | python2 in Rawhide(28), F27, F26 | Fixed upstream |
284 | add PYTHONSHOWREFCOUNT environment variable | python2 in Rawhide(28), F27, F26 | Fixed upstream |
283 | COUNT_ALLOCS tests fixes | Python 2 in Rawhide (28) | Fixed upstream |
282 | Make it more likely for the system allocator to release free()d memory arenas | Python in RHEL/CentOS 7.5 | Fixed upstream |
281 | Add context parameter to xmlrpclib.ServerProxy | Python in RHEL/CentOS 7.5 | Fixed upstream |
280 | Fix test_regrtest.test_crashed on s390x |
Python 2 in Rawhide (28) | Fixed upstream |
279 | Fix memory corruption due to allocator mix | Python 3 in Rawhide (28), F27, F26, F25 | Fixed upstream |
278 | Skip failing test_sha256 from test_socket on linux kernels < 4.5 | python36 | Fixed upstream |
277 | Fix hanging tests from test_subprocess | Python 3 in Rawhide (28), F27, F26 | Fixed upstream |
276 | Increase imaplib's MAXLINE to accommodate modern mailbox sizes. | Python in RHEL/CentOS 7.5 | Fixed upstream |
275 | Fix fcntl() with integer argument on 64-bit big-endian platforms. | Python in RHEL/CentOS 7.5 | Fixed upstream |
274 | Architecture naming adjustments | Python 3 in Rawhide(28) | [] |
273 | Skip test_float_with_comma (bz#1484497) | Python 3 in F27, Rawhide(28) | [] |
272 | Reject newline characters in ftplib.FTP.putline() (bz#1478916) | Python 3 in F26, Rawhide(27) | Fixed upstream |
271 | Make test_asyncio to not depend on the current signal handler | Python 3 in F26, Rawhide(27) | Fixed upstream |
270 | Fix test_alpn_protocols from test_ssl | Python 2 and Python 3 in F26, Rawhide(27) | Fixed upstream |
269 | Fix python's recompilation with common build commands when using PGO | Python 3 in Fedora 24 | Fixed upstream |
268 | Set stream to None in case an _open() fails | Python in RHEL/CentOS 7.4 | Fixed upstream |
267 | Make pip installable inside a new venv when using the --system-site-packages flag | Python 3 in Fedora 24-25 | Fixed upstream |
266 | Make shutil.make_archive() to not ingore empty directories when creating a zip file | Python in RHEL/CentOS 7.4 | Fixed upstream |
265 | Protect the key list during fork() | Python in RHEL/CentOS 7.4 | Reported upstream |
264 | skip test_pass_by_value on aarch64 | Rawhide(F27) | Reported upstream |
263 | Fix reference leaks of certfile_bytes and keyfile_bytes at _ssl.c | Python in RHEL/CentOS 7.4 | Fixed upstream |
262 | force C.UTF-8 when Python 3 is run under the C locale | Python 3 in Rawhide(26) | PEP 538 |
261 | Use proper command line parsing in _testembed | Python 3 in F26 | Fixed upstream |
260 | Fix setuptools issues from unbundling its dependencies | Python 3 in Rawhide(26) | Reported upstream |
259 | Magic number workaround -- upstream issue 27286 | Python 3 in F24-f25 | Upstream commit 93602e3 (removed in 3.6) |
258 | skip test_aead_aes_gcm as it fails with Kernel 4.9+ | Python 3 in F26 | Fixed upstream |
257 | Workaround for wait timeouts when the system clock is set backwards (bz#1368076) | Python in RHEL/CentOS 7.4 | [] |
256 | Fix Python's incorrect parsing of certain regular expressions | Python in RHEL/CentOS 7.4 | Fixed upstream |
255 | Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs | Python in RHEL/CentOS 7.4 | Fixed upstream |
254 | Fix error check, so that Random.seed actually uses OS randomness | Python 3 in F26 | Fixed upstream |
253 | Define HAVE_LONG_LONG as 1. | Python 3 in F26 | Fixed upstream |
252 | Add executable option to install.py command to make it work for entry_points | Python 2 and Python 3, reverted in F27, F26 | Reported upstream |
251 | Make pip and distutils in user environment install into separate location | Python 3 in F27 | |
250 | Don't blow up on EL7 kernel (random generator) RHBZ#1410175 | Python 3, python36, python35, python34 in F26 | Reported upstream |
249 | Fix out of tree --with-dtrace builds | Python 3 in F26 | Fixed upstream |
248 | Ensure gc tracking is off when invoking weakref callbacks | Python34 in EPEL | Fixed upstream |
247 | Patch to port the ssl and hashlib module to OpenSSL 1.1.0. | Python 2 and Python 3 in F26 | Fixed upstream |
246 | Backported the build-time check for the getrandom syscall from Python 3.5.2 | Python 3 in F24 | |
245 | Skip stack overflow test on 64 bits | python33 | |
244 | Skip SSL tests | python33 | |
243 | Build properly on MIPS | python3 in F25, F26 | |
242 | HTTPoxy CVE-2016-1000110 | Everywhere | Fixed upstream |
241 | CVE-2016-5636 | python in F23, python3 in F23, F24, F25, F26, Python34 in EPEL7 | Fixed upstream (a b) |
240 | Increase test_smtplib timeouts | Python in RHEL/CentOS 7.5 | Fixed upstream |
239 | OpenSSL - "dh key too small" | EL (rh-python34-rhel-6) | Fixed upstream |
238 | CVE-2016-5699 | python3 in Fedora 23, python34 in EPEL7 | Fixed upstream |
237 | CVE-2016-0772 | Everywhere | Fixed upstream |
231 | Reserved for cstratak | [] | |
209 | Fix test breakage with Pyexpat v2.2.0 | Fedora | Fixed upstream |
208 (py3) | Skip test that fails on ppc64 | Python 3 | |
207 (py3) | Avoid incomplete _math.o with parallel builds | Python 3 | Closed upstream with different fix |
206 (py3) | Remove hf flag from arm triplet (Debianism) | Python 3 | Looks like this might be combined with patch 5001 |
205 (py3) | configure: Make libpl respect lib64 | Python 3 | |
203 (py3) | Disable tests requiring signals (due to Koji behavior) | Python 3 | |
201 (py3) | Memleak fix | Python 3 | Upstreamed, fragment of the patch remains |
200 (py3) | Fix for gettext plural form headers | Python 3 | Upstream: bpo-36239 |
196 (py3) | Test failure on ppc64le | Python 3 | |
194 (py3) | Disable tests requiring SIGHUP (due to Koji bug) | Python 3 | |
190 | gdb py-bt command fix | Python 2 (used to be 189 or 198 before F29) | Fixed upstream |
189 (py3) | Use RPM-packaged wheels for ensurepip | Python 3 in f29+ | |
Add Rewheel to ensurepip | Python 3 up to f28 | ||
188 | Hashlib test patch | Python 3 | Looks removable |
186 | Don't raise from py_compile | Python 3 | Only a test remains in downstream patch |
184 | Fixes build of ctypes against libffi with multilib wrapper | ||
180 | Enable ppc64p7 | As is, the patch is not appropriate upstream | |
178 | Don't duplicate various FLAGS in sysconfig values | Python 3 | Reported, failed review |
170 | Nicer C-level asserts in garbage collector | Python 3 | Reported, work needed to address review comments |
168 | distutils cflags, RHBZ#849994 | Upstream bpo-36235 | |
163 | Skip test with intermittent failure | ||
160 | Skip tests that require new kernel | ||
157 | uid/gid handling, RHBZ#697470 | Upstream bpo-36234 | |
155 | SELinux/httpd/ctypes workaround, RHBZ#814391 | Fixed upstream (Python 3.8.0a1) | |
153 | test_gdb fix | Fedora python2 | Fixed upstream (Python 2.7.14) |
146 | Fixes for FIPS mode | Reported, stuck | |
143 | Fix --with-tsc on ppc64 | Reported, stuck | |
137 | Skip distutils tests that fail in rpmbuild | ||
132 | unittest._skipInRpmBuild | ||
111 | Disable static libpython | ||
103 | lib64-sysconfig | Python 2 | |
102, 104 | s./usr/lib./usr/lib64. | ||
55 | Systemtap support | Reported, to be combined with DTrace, stalled | |
1 (py3) | RPath | Python 3 | |
1 (py2) | pydoc -g | Python 2 | |
0 | Config | Python 2 | — |