-
python3.11 (3.11.4-1~23.04.2) lunar-security; urgency=medium
* SECURITY UPDATE: os.path.normpath truncation with null byte
- debian/patches/CVE-2023-41105-1.patch: fix path truncation in
os.path.normpath in Include/internal/pycore_fileutils.h,
Lib/test/test_genericpath.py, Modules/posixmodule.c,
Python/fileutils.c.
- debian/patches/CVE-2023-41105-2.patch: minor fixup to avoid compiler
warnings in Python/fileutils.c.
- CVE-2023-41105
-- Marc Deslauriers <email address hidden> Thu, 07 Dec 2023 10:43:41 -0500
-
python3.11 (3.11.4-1~23.04.1) lunar-security; urgency=medium
* SECURITY UPDATE: TLS handshake bypass
- debian/patches/CVE-2023-40217.patch: avoid ssl pre-close flaw in ssl.py.
- CVE-2023-40217
-- Fabian Toepfer <email address hidden> Mon, 20 Nov 2023 16:01:59 +0100
-
python3.11 (3.11.4-1~23.04) lunar-proposed; urgency=medium
* SRU: LP: #2019538. Backport 3.11.4 to 23.04.
python3.11 (3.11.4-1) unstable; urgency=medium
* New upstream release.
python3.11 (3.11.3-2) experimental; urgency=medium
* Update to the 3.11 branch 2023-05-30.
python3.11 (3.11.3-1) experimental; urgency=medium
* New upstream release.
-- Matthias Klose <email address hidden> Fri, 09 Jun 2023 09:59:55 +0200
-
python3.11 (3.11.2-6ubuntu0.1) lunar-security; urgency=medium
* SECURITY UPDATE: Possible Bypass Blocklisting
- debian/patches/CVE-2023-24329.patch: starts
stripping C0 control and space chars in 'urlsplit' in Lib/urllib/parse.py,
Lib/test/test_urlparse.py.
- CVE-2023-24329
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 30 May 2023 14:45:26 -0300
-
python3.11 (3.11.2-6) unstable; urgency=high
[ Stefano Rivera ]
* Explain more ways to pass --break-system-packages to pip.
[ Matthias Klose ]
* Fix syntax error in python3-dbg-config script. LP: #2009967.
-- Matthias Klose <email address hidden> Mon, 13 Mar 2023 13:18:29 +0100
-
python3.11 (3.11.2-5) unstable; urgency=medium
[ Matthias Klose ]
* Update VCS attributes.
* Fix error message for 'python3 -m venv dir`, when python3-venv
is not installed. Closes: #1026268.
[ Stefano Rivera ]
* Mention that deleting EXTERNALLY-MANAGED is an option, in README.venv.
* Patch: fix deadlock at shutdown when clearing thread states.
Closes: #1032019.
* Override expat embedded-library lintian false-positives. (See: #1031859)
-- Matthias Klose <email address hidden> Sun, 05 Mar 2023 09:28:49 +0100
-
python3.11 (3.11.2-4) unstable; urgency=medium
[ Stefano Rivera ]
* Revert the CCSHARED patch to test_customize_compiler, this was WIP and
didn't work.
[Matthias Klose]
* Remove build dependency on libb2-dev, oldish library.
* Build with internal mpdecimal library, so that mpdecimal can be removed
for bookworm.
-- Matthias Klose <email address hidden> Sun, 12 Feb 2023 01:48:52 +0100
-
python3.11 (3.11.2-3) unstable; urgency=medium
[ Stefano Rivera ]
* Refresh patches.
* Revert pip importlib.metadata workaround, fixed in pip 22.2.
* Declare python3.11 to be PEP 668 EXTERNALLY-MANAGED.
* Update and install README.venv, explaining this.
* Recommend ca-certificates from python3.11. Closes: #960869.
* Configure --with-ssl-default-suites=openssl. Closes: #1026802.
* Update watch file.
* Include CCSHARED override in distutils test_customize_compiler.
[Matthias Klose]
* Really new upstream version.
* Configure --with-ssl-default-suites=openssl. Closes: #1009189.
* Build-depend on libb2-dev.
* Fix removing Debian build flags from _sysconfigdata. LP: #2006738.
-- Matthias Klose <email address hidden> Fri, 10 Feb 2023 05:59:34 +0100
-
python3.11 (3.11.2-2) unstable; urgency=medium
* Really new upstream version.
* Configure --with-ssl-default-suites=openssl. Closes: #1009189.
* Build-depend on libb2-dev.
-- Matthias Klose <email address hidden> Wed, 08 Feb 2023 22:22:32 +0100
-
python3.11 (3.11.2-1) unstable; urgency=medium
* New upstream version.
-- Matthias Klose <email address hidden> Mon, 06 Feb 2023 21:27:04 +0100
-
python3.11 (3.11.1-2) unstable; urgency=medium
* Fix NameError exception in venv init (Daniel Andersson). Closes: #1026448.
* Fix FTCBFS: Pass --with-build-python (Helmut Grohne). Closes: #1024297.
-- Matthias Klose <email address hidden> Sat, 31 Dec 2022 11:23:59 +0100
-
python3.11 (3.11.1-1) unstable; urgency=medium
* Python 3.11.1 release.
-- Matthias Klose <email address hidden> Wed, 07 Dec 2022 09:49:13 +0100
-
python3.11 (3.11.0-3) unstable; urgency=medium
* Fix valgrind detection.
-- Matthias Klose <email address hidden> Fri, 04 Nov 2022 10:23:33 +0100
-
python3.11 (3.11.0-1) unstable; urgency=medium
* Python 3.11.0 release.
* Update symbols files.
-- Matthias Klose <email address hidden> Mon, 24 Oct 2022 23:26:25 +0200
-
python3.11 (3.11.0~rc2-1) unstable; urgency=medium
* Python 3.11.0 release candidate 2.
-- Matthias Klose <email address hidden> Mon, 12 Sep 2022 18:20:24 +0200