Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python315 for openSUSE:Factory checked in at 2026-04-29 19:18:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python315 (Old) and /work/SRC/openSUSE:Factory/.python315.new.30200 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python315" Wed Apr 29 19:18:23 2026 rev:13 rq:1349863 version:3.15.0~a8 Changes: -------- --- /work/SRC/openSUSE:Factory/python315/python315.changes 2026-04-28 12:02:28.244710567 +0200 +++ /work/SRC/openSUSE:Factory/.python315.new.30200/python315.changes 2026-04-29 19:19:26.397004511 +0200 @@ -4,3 +4,4 @@ -- Add CVE-2026-6019-Morsel-js_output.patch protects against HTML - injection by Base64-encoding cookie values embedded in JS - (bsc#1262654, CVE-2026-6019, gh#python/cpython#90309). +- CVE-2026-6019: protect against HTML injection by + Base64-encoding cookie values embedded in JS (bsc#1262654, + gh#python/cpython#90309) + CVE-2026-6019-Morsel-js_output.patch @@ -11,3 +12,3 @@ -- Add CVE-2026-1502-reject-CRLF-HTTP-tunnel.patch which rejects - CR/LF in HTTP tunnel request headers (bsc#1261969, - CVE-2026-1502, gh#python/cpython#146211). +- CVE-2026-1502: reject CR/LF in HTTP tunnel request headers + (bsc#1261969, gh#python/cpython#146211) + CVE-2026-1502-reject-CRLF-HTTP-tunnel.patch @@ -18,3 +19,3 @@ -- Add CVE-2026-5713-validate-debug-load.patch, which validates - remote debug offset tables on load (bsc#1262132, CVE-2026-5713, - gh#python/cpython#148178). +- CVE-2026-5713: validate remote debug offset tables on load + (bsc#1262132, gh#python/cpython#148178) + CVE-2026-5713-validate-debug-load.patch @@ -25,3 +26,3 @@ -- Add CVE-2026-4786-webbrowser-open-action.patch, which fixes - webbrowser %action substitution bypass of dash-prefix check - (bsc#1262319, CVE-2026-4786, gh#python/cpython#148169). +- CVE-2026-4786: fix webbrowser %action substitution bypass of + dash-prefix check (bsc#1262319, gh#python/cpython#148169) + CVE-2026-4786-webbrowser-open-action.patch @@ -32,3 +33,3 @@ -- Add CVE-2026-6100-use-after-free-decompression.patch preventing - dangling pointer which can end in the use-after-free error - (CVE-2026-6100, bsc#1262098, gh#python/cpython#148395). +- CVE-2026-6100: prevent dangling pointer, which can end in the + use-after-free error (bsc#1262098, gh#python/cpython#148395) + CVE-2026-6100-use-after-free-decompression.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.QK1DZw/_old 2026-04-29 19:19:27.533051052 +0200 +++ /var/tmp/diff_new_pack.QK1DZw/_new 2026-04-29 19:19:27.537051216 +0200 @@ -1,6 +1,6 @@ -mtime: 1777297792 -commit: 15f8b167b6abfc2aed3bab7b669380b068c98d376a8188cbfd5a050d67113076 +mtime: 1777389487 +commit: db293248026c1d96752c7c1824197f4395ab0ae8a863eba5b9f004f621e0338e url: https://src.opensuse.org/python-interpreters/python315 -revision: 15f8b167b6abfc2aed3bab7b669380b068c98d376a8188cbfd5a050d67113076 +revision: db293248026c1d96752c7c1824197f4395ab0ae8a863eba5b9f004f621e0338e projectscmsync: https://src.opensuse.org/python-interpreters/_ObsPrj ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-04-28 17:18:07.000000000 +0200 @@ -0,0 +1,5 @@ +*.obscpio +*.osc +_build.* +.pbuild +python315-*-build/
