python-2.7.18-150000.68.1<>,؄gM p9|"t,(Út$LuS/.6^Gq+a1A (qN(|p= 1S|keX5 }Z&J?'!ׯH98$xs@ni iߛL`^N(bl RXq5.9k}2O$;IPo/~)gY~SNf@\Pt7*cv:<|S(f`Y^#Q/j "P)ȱs|`]>Cd?Td   / $<BL    x . /,1477::L:=)(=j8=tr9?<r:Fr>@BFGH\IX\YpZ[\]^f bac defluv wHxìyzPCpython2.7.18150000.68.1Python InterpreterPython is an interpreted, object-oriented programming language, and is often compared to Tcl, Perl, Scheme, or Java. You can find an overview of Python in the documentation and tutorials included in the python-doc (HTML) or python-doc-pdf (PDF) packages. If you want to install third party modules using distutils, you need to install python-devel package.gM h03-ch2bSUSE Linux Enterprise 15SUSE LLC Python-2.0https://www.suse.com/Development/Languages/Pythonhttps://www.python.org/linuxx86_64>t00 PP,CII-&22x__K [[L ``=IPPFF;&M"M"66U c c"R"RK#WW g g g-77;-- ""& w w D D `**@@  "/mmOD==BB>$;;`RGj8 v n -8<<7&& <JAJA:OO;`X`X ==10AA큤A큤AA큤A큤A큤gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMgMgMgMgMgMgMgMg4gMgMg4gMgMg4gMgMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMg4gMgMgMgMgMgMfd6c6e5b098ade0aa1b123b2963e56728eb3619754881baff7fb10fb165becdbbde79fc3885f60f31ee656d86ee7cfef30fdf7d3018c8fd805982d9fc8120994bde79fc3885f60f31ee656d86ee7cfef30fdf7d3018c8fd805982d9fc8120994abd3f646419f3a33f64814342bb894047bfda3ec695286aa2b07e340700f733f93c068a02b190c3684397f5b922dfaeefee3df3bdb1e25d963ee7fb379d13ad293c068a02b190c3684397f5b922dfaeefee3df3bdb1e25d963ee7fb379d13ad2fa3f60506840cc9f608d660fcd6265dbb22b53362a4bfdd98cd9c98876927308ae4879a4cfdf41b86bbf1443dffe9dddad2970a7d3e778b2ba6e394948344ee9ae4879a4cfdf41b86bbf1443dffe9dddad2970a7d3e778b2ba6e394948344ee9046a34799e33a47832a21f34ded777c64616710f52cc75e7116796442c05cd43df4d1ab57e0e1c6d3de7fffbdec903d428d3e4df09d3da3ece8a7a72f057b9b4df4d1ab57e0e1c6d3de7fffbdec903d428d3e4df09d3da3ece8a7a72f057b9b4228a008dd77f0bfe90718c9577fab61ef96b7adb4e608c5492385cea0c206e2de1518148ca189c962d5e06b805c9e774c606ab5ae8dbab4a45c07751f2bea6c4e1518148ca189c962d5e06b805c9e774c606ab5ae8dbab4a45c07751f2bea6c4b708a282a1e9d211cccbdcc194ec3c6f8894a7e9ae003806b933f2c0cbde5f23a8032dba6ef0eec2603fd85ee234fac65ff8475fa71181748e5cb5a2510b4d8d71e94b72114736c23e7a8ad609ba35578fa52dcb9a6aec547b0b83fd8e4df39daf71194b97feb43ce6583f4f2fe8f894d8df89b2565bff32daecc7c42f7b0eef5afa7deaa3c57121f134a8289b3c4d2de63f1ce0090172e17f485482e3129cc25afa7deaa3c57121f134a8289b3c4d2de63f1ce0090172e17f485482e3129cc2e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8550761477d9374fcc8a319dc390b44059c55843adae48b57fb69c78acf76b723680761477d9374fcc8a319dc390b44059c55843adae48b57fb69c78acf76b72368df8c414bcf1679eec7aa0bff235cdf98829730da9b75ad50baa432b7ee87d2e428eec8bbf9df6dad6f59d525b24ab7b265758f45130657ec0b291d521884d23728eec8bbf9df6dad6f59d525b24ab7b265758f45130657ec0b291d521884d237b379c1e0ea1bc3db50745e3700fbd617b58424ce07f96dae45ab79ddc56d7b305f7069e1cfb6a48f7cc69212784da20d686ded1a82d4fec25b7ae905554388f75f7069e1cfb6a48f7cc69212784da20d686ded1a82d4fec25b7ae905554388f77b22ab3d374af60bb0eb9693c736e502b0e530263916c416611fe5ee8790e3ccf1d6e210d4b693a2265de57f5c6c7778f5160e74769b886f9329242d81b0e2e2f1d6e210d4b693a2265de57f5c6c7778f5160e74769b886f9329242d81b0e2e22b29f5758fb7a2b3e876794c563b53aaebb88529ea40c6374975be54f83237b8b6dae72b3c7985b5b14fa578b2c1c3964f29c97e063dc853e345f0d3f95bb398b6dae72b3c7985b5b14fa578b2c1c3964f29c97e063dc853e345f0d3f95bb398cc530147bfd552b8ea9c2613f7956de578196a3129b01d73ff50925094af826b101182b8c9ac0c69faee73488a5fb8375465c108df67efdf4b72502c4dead688101182b8c9ac0c69faee73488a5fb8375465c108df67efdf4b72502c4dead68889bbcb75081406a2dd0d728e09138a21f469634cf7aef1e5c55f2779a9a6b7638eca934507eb524bcfe7577d5ceb55a2926125ac72a5874e5db76eb51524ee9b8eca934507eb524bcfe7577d5ceb55a2926125ac72a5874e5db76eb51524ee9b08cca8469491cfead102a6bef69be1afab7529e129001a4ffb31433766a4335d2830158a5e0b6216df95339c57b153fe208603be5c7bc496a6118f0b246f85a12830158a5e0b6216df95339c57b153fe208603be5c7bc496a6118f0b246f85a13f207cd262365b5c64246a76caf4fe319255eb83493a0985976607440c2c19e570520692a984afe753a4644fc4d6bc8b303989acefe8358438b503137405fb3870520692a984afe753a4644fc4d6bc8b303989acefe8358438b503137405fb38ef974db90bc549f14427a792ccfd7c6bdade19f281a679e2197cb18f3b13a811bda0cc6f3934774876bb8c549b190c51ad8abff0faa7d3f1a11420afe16f177cbda0cc6f3934774876bb8c549b190c51ad8abff0faa7d3f1a11420afe16f177cc6ddc76661905a142bb489e72a19bb3c4ec045b4193656518acd4430f8ecbbdc64007a1f4b1b51543d7017fd7230572678281efc5ca6157df3447bc9bb47f9fd64007a1f4b1b51543d7017fd7230572678281efc5ca6157df3447bc9bb47f9fd4e721a412fd4561c75485a1c4cf11262aa5d82bc68bd5d984629b62b398221d493d49b803cce9af6966eb20571db7ae9ca4ee455e5fee7803b5bac6597476cd593d49b803cce9af6966eb20571db7ae9ca4ee455e5fee7803b5bac6597476cd5c622e4e53e332adaeb9a9ecd06f109c319be5146eb7de4b95c8bedc72cd819faebec9e6282c318aaa1dd3829e368bccdb5c24fc8de7125aff637119f966a63aeebec9e6282c318aaa1dd3829e368bccdb5c24fc8de7125aff637119f966a63ae83f7d09faa6a85a2cfe48f30e75252019da7356c97f5ff8a50a3db246c55dcff55ddf17057609453f350d1652a89b890c8c51829d7d136f2d550b1a6d3a60fbd55ddf17057609453f350d1652a89b890c8c51829d7d136f2d550b1a6d3a60fbd832dd1a240df8ab4bb34d8f2597591f614a5312faa4a867e287ad4c7bf2998087d3fdc59c3a7a2cf83c62557a8ec4b349663b0223047b05e055ae5aa80a7da227d3fdc59c3a7a2cf83c62557a8ec4b349663b0223047b05e055ae5aa80a7da226ff2b127c2698dc1384dedb8b99c70d305bf7511cd9a51be1a98c8c97fd23d69c645dbec397e45af7b3bc713a8623a7429ade778a5231a541b8f7a77f7ed8afac645dbec397e45af7b3bc713a8623a7429ade778a5231a541b8f7a77f7ed8afa1c57c2ca2176e7d7b88e983a86cc904d22f480ccf5f124a213728b51a961e9435a449b3565fd8d098b336f53e3f47414c91e3a3b037c5ae09e4b15b959eb7a485a449b3565fd8d098b336f53e3f47414c91e3a3b037c5ae09e4b15b959eb7a4820a74746b7619ff8dc09a2538bef118bfcf001908524d77d9dc8d831a19f03c97a4fbe54d69b727df7c01924a785556e5466092c498ac2233f2d4d374e989c677a4fbe54d69b727df7c01924a785556e5466092c498ac2233f2d4d374e989c6799be4f02902c038f1558b7cb9524bc4b42a6564fa6616f070b718b905ddfe62d50ac650a57629290e91f1cb0812f6f7d5be2cac402cf1e642de8886ae68df33050ac650a57629290e91f1cb0812f6f7d5be2cac402cf1e642de8886ae68df33065f3f64e35c9db4f85672bf2193f645ab2ea2d3649bb28eba5d83e6a3f804d4ffb90a33e029ad7ef39aca9d2ccfe1e777382f16830abefa25afccda31e97e58afb90a33e029ad7ef39aca9d2ccfe1e777382f16830abefa25afccda31e97e58a5915ab9ffdfa1e5299c7512175011a7ced2bc924970de1eee645bc3943c482a0bf5f622df1efc52ac3c966d287da4923e32add1b7960f6cc21ecda7ef11b593bbf5f622df1efc52ac3c966d287da4923e32add1b7960f6cc21ecda7ef11b593bcb65b79ad7a67f67fc49cd170648d9e2a4dd7cd72cf4a013a032f680bc2cb7386697b0829bd5fcd64d2f39324597aeb37dde9a47689b7536f119c61f893feada6697b0829bd5fcd64d2f39324597aeb37dde9a47689b7536f119c61f893feadaf97b0df5f745f51f764634e3c0965295f2d1643d12ad8a94ba0e1a32301d390f575d4369b80099038b0c4b6b8414067728e4a23618ca26fda6dfb5e98779da7f575d4369b80099038b0c4b6b8414067728e4a23618ca26fda6dfb5e98779da7f4f05568dd9fa927ef7f6e7b0189567e3d46b8a70a6f9eedee80d2eeab7fda7ce64a6fc7470f4a66c3be2a94d71b4c53cca16078c13229c806d71eb1caef787ab64a6fc7470f4a66c3be2a94d71b4c53cca16078c13229c806d71eb1caef787abe3850d1a493b6b958e2bd9f66ec8b62a0d72ebb7c3eafcb83cfddf4faf920dd2197e53b8d8bb021415daed3ba4ffbdd98a8014900bf57d658ec94cddce28b7bc197e53b8d8bb021415daed3ba4ffbdd98a8014900bf57d658ec94cddce28b7bc786f435c5cb5c6d269d0e5d4df349c7efa29175a4bf863cadc727301b3c8b266b33bd2e252e9f92912573cb74e199801e1a2a88d408a6656bb0ed7a68f869306c7604b586bbc1f3e17aecb1d9daecf836def3d565b64fd85983a43c17342c5f7c16aaed25c1ae62be255c0c082fdf7995e2d8b75a3621264942e680896f4d8c595213c413b4b6569ef564d0fe58c0e13ea786c1d4ee3fd3b830ab5f2aab37976a57e80b8a0d16549b7a466ef3585bc8f13c1983dcf13845b22be1a748be3a0e6277eb163a2b064061e5f84b904e37b54fa0010970a74e083488e1ed04960e7c7277eb163a2b064061e5f84b904e37b54fa0010970a74e083488e1ed04960e7c75186810c169e033eae41c2010a89c982276999b94f1d4cebc5b9267f8e97ab70830e705e684c2612ad8dda3ee157a95b1d290baf5504f00447453ae6418b8294830e705e684c2612ad8dda3ee157a95b1d290baf5504f00447453ae6418b82944268c68294b00b82adc2dba7e600310cb45c468e5780aff2455eb8103d21d2824665da300ca433e0fb7d86b85f3ee26b887f808413dbf3a292d61d17fcc988424665da300ca433e0fb7d86b85f3ee26b887f808413dbf3a292d61d17fcc98842e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855724a6f2b61251b7339e7069d4214026b1eb450711e8099fbce866d9c50e58e32724a6f2b61251b7339e7069d4214026b1eb450711e8099fbce866d9c50e58e3247532d524864d6ad2aa109f05f7bf77b68d48772fe421efb29605e23bad8ddc0d535ed7e007df7e1fa30db2546c304284995b6cacd11a1eebfe735dcb8ef461a965a945c42619368b2760caa7c2f5e23ca304c4b93bca0e89b79d061f9d9b4b8b86371d3fc23f7b32d2c4fd4728e91ad1dc0fa95f253ee27fad4ba9025cd8a9f3a3d5ad5e3c35d50b06a3bbb1eaeb6bb356afb8b7e0dbefa942c01522cd0624f3a3d5ad5e3c35d50b06a3bbb1eaeb6bb356afb8b7e0dbefa942c01522cd0624f37b4cb47babf65937b399f9dbc7fca98c3bf0528f3f0de63e3774c4326bf78754267e4397efe2d7dcdc2776237494d57fced67aed05a69dcfcd3283a6b2814384267e4397efe2d7dcdc2776237494d57fced67aed05a69dcfcd3283a6b2814387d9827fec848c29932e32465e761271475a0edca1ea0b4f2961e6d4521c632f3c95c2245bf0888a1a62015daa963ea9549ea26e1cbdb95f0f8087ff8613f4fb3c95c2245bf0888a1a62015daa963ea9549ea26e1cbdb95f0f8087ff8613f4fb3e10c9954f20298e5ba4d7a6628b9df60f8ae907e9a7336293330f2fbdc81e137d83bb4a855fa80336dfc01b3e14bd7d07257c056c7ab09848c59b87504a0971ad83bb4a855fa80336dfc01b3e14bd7d07257c056c7ab09848c59b87504a0971a00b137ea0cd5d5bced4ad9b4c0665a83efc3b3039756eb11dce285a65fd23b0fb3ee29c496531c1ca3df296d0247f7ecf83b81a1f98d239c0e047873e68bfa1ab3ee29c496531c1ca3df296d0247f7ecf83b81a1f98d239c0e047873e68bfa1a7e90a937b6d21b59029d2b66b1276eed2451d5f5bdd115aa9b16175b581be43a6cc1146e8fdc01fe513f79e8b5c577e4f4dc98718dad50ae4ce6c4d4217439c06cc1146e8fdc01fe513f79e8b5c577e4f4dc98718dad50ae4ce6c4d4217439c016da7063b627f6ba101642ee6a3e8814fa88b3ab1912bad182e72caf48e85d87b4b5459add57bd63478a1a6788ce301d22292b1554c90605bc3bf62a20ff293eb4b5459add57bd63478a1a6788ce301d22292b1554c90605bc3bf62a20ff293e1ae0959ef8161b6a63e22dd21b776af8a6c040135d4c7d3bc721dacb5c99d6c438f40c67d38a573da8947de5664c4327fb01ab572470a9caaad706987da40e6238f40c67d38a573da8947de5664c4327fb01ab572470a9caaad706987da40e62369b613a54ce6e385476ee99b3c0d7defe482a742b2ef6a97a98e76c507822305e187f61a2c4a07ad05f5a70c0fe7ec70ae91b9fc85e81c42be3cb435e6da7f85e187f61a2c4a07ad05f5a70c0fe7ec70ae91b9fc85e81c42be3cb435e6da7f8de4d1f2d2ad5ad0cfd1657a106476b31cb5db5ef9d1ff842b237c0c81f0c8a239f47df778a81f7a6db680f44c1611a5b4c4c9c4ff840b09d3bcf6fea974cdf2ac1649ee90f8535de061b77e5db7a60bdd33daa50c5fbd48f54123fd1c2127854rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpython-2.7.18-150000.68.1.src.rpmpythonpythonpython(x86-64)python2python2_split_startup@@@@@@@@@@@@@@@@@     /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.15)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libdb-4.8.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpython2.7.so.1.0()(64bit)libreadline.so.7()(64bit)libsqlite3.so.0()(64bit)libssl.so.1.1()(64bit)libssl.so.1.1(OPENSSL_1_1_0)(64bit)python(abi)python-baserpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.72.7.183.0.4-14.6.0-14.0.4-14.0-15.2-14.14.1g4f@fH@f?]fh@e,e @eedeeeRd˖dD@dq@du@dtdm@dxdc>@cӼc0c|ck@c pcbbb@b@b@ba@a@a(@aim@aI@a'@a#aj@a`t`8`_T^J^@^@^>^>^;^8 @^.^g@^ @]f@]@]]]d@]d@]@]z@]V]y@]9]1]\t@\\7\7\\J@\J@\C@\2[[#@[6@[@[ @[Za@Z@ZxG@ZtRZp^@Z CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch (boo#1189241, CVE-2021-3737)- Renamed patch for assigned CVE: * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch (boo#1189287, CVE-2021-3733) - Fix python-doc build (bpo#35293): * sphinx-update-removed-function.patch - Update documentation formatting for Sphinx 3.0 (bpo#40204).- Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in request (bpo#43075, boo#1189287). - Add missing security announcement to bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch.- Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch which fixes http client infinite line reading (DoS) after a http 100 (bpo#44022, boo#1189241).- Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668).- Add CVE-2021-23336-only-amp-as-query-sep.patch which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336).- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution.- (bsc#1180125) We really don't Require python-rpm-macros package. Unnecessary dependency.- Add patch configure_PYTHON_FOR_REGEN.patch which makes configure.ac to consider the correct version of PYTHON_FO_REGEN (bsc#1078326).- Use python3-Sphinx on anything more recent than SLE-15 (inclusive).- Update to 2.7.18, final release of Python 2. Ever.: - Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process. - Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben Caller. - Fixed line numbers and column offsets for AST nodes for calls without arguments in decorators. - bsc#1155094 (CVE-2019-18348) Disallow control characters in hostnames in http.client. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - Fix urllib.urlretrieve failing on subsequent ftp transfers from the same host. - Fix problems identified by GCC's -Wstringop-truncation warning. - AddRefActCtx() was needlessly being checked for failure in PC/dl_nt.c. - Prevent failure of test_relative_path in test_py_compile on macOS Catalina. - Fixed possible leak in `PyArg_Parse` and similar functions for format units "es#" and "et#" when the macro `PY_SSIZE_T_CLEAN` is not defined. - Remove upstreamed patches: - CVE-2019-18348-CRLF_injection_via_host_part.patch - python-2.7.14-CVE-2017-1000158.patch - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch - CVE-2018-1061-DOS-via-regexp-difflib.patch - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-16056-email-parse-addr.patch- Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674)- Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224).- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367)- Provide python-testsuite from devel subkg to ease py2->py3 dependencies- Add python-2.7.17-switch-off-failing-SSL-tests.patch to switch off tests coliding with the combination of modern Python and ancient OpenSSL on SLE-12.- libnsl is required only on more recent SLEs and openSUSE, older glibc supported NIS on its own.- Add provides in gdbm subpackage to provide dbm symbols. This allows us to use %%{python_module dbm} as a dependency and have it properly resolved for both python2 and python3- Drop appstream-glib BuildRequires and no longer call appstream-util validate-relax: eliminate a build cycle between as-glib and python. The only thing would would gain by calling as-uril is catching if upstream breaks the appdata.xml file in a future release. Considering py2 is dying, chances for a new release, let alone one breaking the xml file, are slim.- Unify packages among openSUSE:Factory and SLE versions. (bsc#1159035) ; add missing records to this changelog. - Add idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830)- Add python2_split_startup Provide to make it possible to conflict older packages by shared-python-startup.- Move /etc/pythonstart script to shared-python-startup package.- Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes bsc#1149792- Add adapted-from-F00251-change-user-install-location.patch fixing pip/distutils to install into /usr/local.- Update to 2.7.17: - a bug fix release in the Python 2.7.x series. It is expected to be the penultimate release for Python 2.7. - Removed patches included upstream: - CVE-2018-20852-cookie-domain-check.patch - CVE-2019-16935-xmlrpc-doc-server_title.patch - CVE-2019-9636-netloc-no-decompose-characters.patch - CVE-2019-9947-no-ctrl-char-http.patch - CVE-2019-9948-avoid_local-file.patch - python-2.7.14-CVE-2018-1000030-1.patch - python-2.7.14-CVE-2018-1000030-2.patch - Renamed remove-static-libpython.diff and python-bsddb6.diff to remove-static-libpython.patch and python-bsddb6.patch to unify filenames.- Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in python/Lib/DocXMLRPCServer.py- Add bpo36302-sort-module-sources.patch (boo#1041090)- Add CVE-2019-16056-email-parse-addr.patch fixing the email module wrongly parses email addresses [bsc#1149955, CVE-2019-16056]- boo#1141853 (CVE-2018-20852) add CVE-2018-20852-cookie-domain-check.patch fixing http.cookiejar.DefaultPolicy.domain_return_ok which did not correctly validate the domain: it could be tricked into sending cookies to the wrong server.- Skip test_urllib2_localnet that randomly fails in OBS- bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch which fixes regression introduced by the previous patch. (CVE-2019-10160) Upstream gh#python/cpython#13812- Set _lto_cflags to nil as it will prevent to propage LTO for Python modules that are built in a separate package.- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch Address the issue by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause a ValueError to be raised.- bsc#1130847 (CVE-2019-9948) add CVE-2019-9948-avoid_local-file.patch removing unnecessary (and potentially harmful) URL scheme local-file://.- bsc#1129346: add CVE-2019-9636-netloc-no-decompose-characters.patch Characters in the netloc attribute that decompose under NFKC normalization (as used by the IDNA encoding) into any of ``/``, ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the URL is decomposed before parsing, or is not a Unicode string, no error will be raised (CVE-2019-9636). Upstream commits e37ef41 and 507bd8c.- (bsc#1111793) Update to 2.7.16: * bugfix-only release: complete list of changes on https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7.16rc1.rst * Removed openssl-111.patch and CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch which are fully included in the tarball. * Updated patches to apply cleanly: CVE-2019-5010-null-defer-x509-cert-DOS.patch bpo36160-init-sysconfig_vars.patch do-not-use-non-ascii-in-test_ssl.patch openssl-111-middlebox-compat.patch openssl-111-ssl_options.patch python-2.5.1-sqlite.patch python-2.6-gettext-plurals.patch python-2.7-dirs.patch python-2.7.2-fix_date_time_compiler.patch python-2.7.4-canonicalize2.patch python-2.7.5-multilib.patch python-2.7.9-ssl_ca_path.patch python-bsddb6.diff remove-static-libpython.patch * Update python-2.7.5-multilib.patch to pass with new platlib regime.- bsc#1109847 (CVE-2018-14647): add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623.- bsc#1073748: add bpo-29347-dereferencing-undefined-pointers.patch PyWeakref_NewProxy@Objects/weakrefobject.c creates new isntance of PyWeakReference struct and does not intialize wr_prev and wr_next of new isntance. These pointers can have garbage and point to random memory locations. Python should not crash while destroying the isntance created in the same interpreter function. As per my understanding, both wr_prev and wr_next of PyWeakReference instance should be initialized to NULL to avoid segfault.- bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch fixing bpo-35746 (CVE-2019-5010). An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.7.2. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.- Use upstream-recommended %{_rpmconfigdir}/macros.d directory for the rpm macros.- Add patch openssl-111.patch to work with openssl-1.1.1 (bsc#1113755)- Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802]- Apply "CVE-2018-1061-DOS-via-regexp-difflib.patch" to prevent low-grade poplib REDOS (CVE-2018-1060) and to prevent difflib REDOS (CVE-2018-1061). Prior to this patch mail server's timestamp was susceptible to catastrophic backtracking on long evil response from the server. Also, it was susceptible to catastrophic backtracking, which was a potential DOS vector. [bsc#1088004 and bsc#1088009, CVE-2018-1061 and CVE-2018-1060]- Apply "CVE-2017-18207.patch" to add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this check, attackers could cause a denial of service (divide-by-zero error and application crash) via a crafted wav format audio file. [bsc#1083507, CVE-2017-18207]- Apply "python-sorted_tar.patch" (bsc#1086001, boo#1081750) sort tarfile output directory listing- update to 2.7.15 * dozens of bugfixes, see NEWS for details - removed obsolete patches: * python-ncurses-6.0-accessors.patch * python-fix-shebang.patch * gcc8-miscompilation-fix.patch - add patch from upstream: * do-not-use-non-ascii-in-test_ssl.patch- Add gcc8-miscompilation-fix.patch (boo#1084650).- Apply "python-2.7.14-CVE-2017-1000158.patch" to prevent integer overflows in PyString_DecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution. [bsc#1068664, CVE-2017-1000158]- exclude test_socket & test_subprocess for PowerPC boo#1078485 (same ref as previous change)- Add python-skip_random_failing_tests.patch bypass boo#1078485 and exclude many tests for PowerPC- Add patch python-fix-shebang.patch to fix bsc#1078326- exclude test_regrtest for s390, where it does not segfault as it should (fixes bsc#1073269) - fix segfault while creating weakref - bsc#1073748, bpo#29347 (this is actually fixed by the 2.7.14 update; mentioning this for purposes of bugfix tracking)- update to 2.7.14 * dozens of bugfixes, see NEWS for details * fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664) * fixed segfaults with dict mutated during search * fixed possible free-after-use problems with buffer objects with custom indexing * fixed urllib.splithost to correctly parse fragments (bpo-30500) - drop upstreamed python-2.7.13-overflow_check.patch - drop unneeded python-2.7.12-makeopcode.patch - drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch - Apply "python-2.7.14-CVE-2018-1000030-1.patch" and "python-2.7.14-CVE-2018-1000030-2.patch" to remedy a bug that would crash the Python interpreter when multiple threads used the same I/O stream concurrently. This issue is not classified as a security vulnerability due to the fact that an attacker must be able to run code, however in some situations -- such as function as a service -- this vulnerability can potentially be used by an attacker to violate a trust boundary. [bsc#1079300, CVE-2018-1000030]- Call python2 instead of python in macros- Fix test broken with OpenSSL 1.1 (bsc#1042670) * add 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch- drop SUSE_ASNEEDED=0 as it is not needed anymore- Add libnsl-devel build requires for glibc obsoleting libnsl- obsolete/provide python-argparse and provide python2-argparse, because the argparse module is available from python 2.7 up- SLE package update (bsc#1027282) - refresh python-2.7.5-multilib.patch - dropped upstreamed patches: python-fix-short-dh.patch python-2.7.7-mhlib-linkcount.patch python-2.7-urllib2-localnet-ssl.patch CVE-2016-0772-smtplib-starttls.patch CVE-2016-5699-http-header-injection.patch CVE-2016-5636-zipimporter-overflow.patch python-2.7-httpoxy.patch - Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1. (dimstar@opensuse.org)- Add reproducible.patch to allow reproducible builds of various python packages like python-amqp Upstream: https://github.com/python/cpython/pull/296- update to 2.7.13 * dozens of bugfixes, see NEWS for details * updated cipher lists for openssl wrapper, support openssl >= 1.1.0 * properly fix HTTPoxy (CVE-2016-1000110) * profile-opt build now applies PGO to modules as well - update python-2.7.10-overflow_check.patch with python-2.7.13-overflow_check.patch, incorporating upstream changes (bnc#964182) - add "-fwrapv" to optflags explicitly because upstream code still relies on it in many places- provide python2-* symbols, for support of new packages built as python2-foo - rename macros.python to macros.python2 accordingly - require python-rpm-macros package, drop macro definitions from macros.python2- initial packaging of `python27` side-by-side variant (fate#321075, bsc#997436) - renamed `python` to `python27` in package names and requires - removed Provides and Obsoletes clauses - dropped SLE12-only patch python-2.7.9-sles-disable-verification-by-default.patch, companion sle_tls_checks_policy.py file and the python-strict-tls-checks subpackage - dropped profile files - removed /usr/bin/python and /usr/bin/python2, along with other unversioned aliases - rewrote macros file to enable stand-alone packages depending on py2.7 - re-included downloaded version of HTML documentation- update to 2.7.12 * dozens of bugfixes, see NEWS for details * fixes multiple security issues: CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751) CVE-2016-5636 zipimporter heap overflow (bsc#985177) CVE-2016-5699 httplib header injection (bsc#985348) (this one is actually fixed since 2.7.10) - removed upstreamed python-2.7.7-mhlib-linkcount.patch - refreshed multilib patch - python-2.7.12-makeopcode.patch - run newly-built python interpreter to make opcodes, in order not to require pre-built python - update LD_LIBRARY_PATH to use $PWD instead of "." because the test process escapes to its own directory - modify shebang-fixing scriptlet to ignore makeopcodetargets.py- CVE-2016-0772-smtplib-starttls.patch: smtplib vulnerability opens startTLS stripping attack (CVE-2016-0772, bsc#984751) - CVE-2016-5636-zipimporter-overflow.patch: heap overflow when importing malformed zip files (CVE-2016-5636, bsc#985177) - CVE-2016-5699-http-header-injection.patch: incorrect validation of HTTP headers allow header injection (CVE-2016-5699, bsc#985348) - python-2.7-httpoxy.patch: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY when REQUEST_METHOD is also set (CVE-2016-1000110, bsc#989523)- Add python-2.7.10-overflow_check.patch to fix broken overflow checks. [bnc#964182]- copy strict-tls-checks subpackage from SLE to retain future compatibility (not built in openSUSE) - do this properly to fix bnc#945401 - update SLE check to exclude Leap which also has version 1315, just to be sure- Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1.- add missing ssl.pyc and ssl.pyo to package - implement python-strict-tls-checks subpackage * when present, Python will perform TLS certificate checking by default. it is possible to remove the package to turn off the checks for compatibility with legacy scripts. * as discussed in fate#318300 * this is not built for openSUSE, but retained here in case we want to build the package for a SLE system- python-fix-short-dh.patch: Bump DH parameters to 2048 bit to fix logjam security issue. bsc#935856- add __python2 compatibility macro (used by Fedora) (fate#318838)- update to 2.7.10 - removed obsolete python-2.7-urllib2-localnet-ssl.patch- Reenable test_posix on aarch64- python-2.7.4-aarch64.patch: Remove obsolete patch - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for aarch64- update to 2.7.9 * contains full backport of ssl module from Python 3.4 (PEP466) * HTTPS certificate validation enabled by default (PEP476) * SSLv3 disabled by default (bnc#901715) * backported ensurepip module (PEP477) * fixes several missing CVEs from last release: CVE-2013-1752, CVE-2013-1753 * dozens of minor bugfixes - dropped upstreamed patches: python-2.7.6-poplib.patch, smtplib_maxline-2.7.patch, xmlrpc_gzip_27.patch - dropped patch python-2.7.3-ssl_ca_path.patch because we don't need it with ssl module from Python 3 - libffi was upgraded upstream, seems to contain our changes, so dropping libffi-ppc64le.diff as well - python-2.7-urllib2-localnet-ssl.patch - properly remove unconditional "import ssl" from test_urllib2_localnet that caused it to fail without ssl- skip test_thread in qemu_linux_user mode/sbin/ldconfig/sbin/ldconfigpython-elementtreepython-nothreadspython-sqlitepython21h03-ch2b 1733153548  "##%&&())+,,.//122455788:;;=>>@AACDDFGGIJJLMMOPPRSSUVVXYY[\\^__abbdefghijkllnooqrrtuvvxyz{||~2.72.7.18-150000.68.12.7.18-150000.68.12.7.18python2.7bsddb__init__.py__init__.pyc__init__.pyodb.pydb.pycdb.pyodbobj.pydbobj.pycdbobj.pyodbrecio.pydbrecio.pycdbrecio.pyodbshelve.pydbshelve.pycdbshelve.pyodbtables.pydbtables.pycdbtables.pyodbutils.pydbutils.pycdbutils.pyotest__init__.py__init__.pyc__init__.pyotest_all.pytest_all.pyctest_all.pyotest_associate.pytest_associate.pyctest_associate.pyotest_basics.pytest_basics.pyctest_basics.pyotest_compare.pytest_compare.pyctest_compare.pyotest_compat.pytest_compat.pyctest_compat.pyotest_cursor_pget_bug.pytest_cursor_pget_bug.pyctest_cursor_pget_bug.pyotest_db.pytest_db.pyctest_db.pyotest_dbenv.pytest_dbenv.pyctest_dbenv.pyotest_dbobj.pytest_dbobj.pyctest_dbobj.pyotest_dbshelve.pytest_dbshelve.pyctest_dbshelve.pyotest_dbtables.pytest_dbtables.pyctest_dbtables.pyotest_distributed_transactions.pytest_distributed_transactions.pyctest_distributed_transactions.pyotest_early_close.pytest_early_close.pyctest_early_close.pyotest_fileid.pytest_fileid.pyctest_fileid.pyotest_get_none.pytest_get_none.pyctest_get_none.pyotest_join.pytest_join.pyctest_join.pyotest_lock.pytest_lock.pyctest_lock.pyotest_misc.pytest_misc.pyctest_misc.pyotest_pickle.pytest_pickle.pyctest_pickle.pyotest_queue.pytest_queue.pyctest_queue.pyotest_recno.pytest_recno.pyctest_recno.pyotest_replication.pytest_replication.pyctest_replication.pyotest_sequence.pytest_sequence.pyctest_sequence.pyotest_thread.pytest_thread.pyctest_thread.pyolib-dynload_bsddb.so_hashlib.so_sqlite3.so_ssl.soreadline.sosqlite3__init__.py__init__.pyc__init__.pyodbapi2.pydbapi2.pycdbapi2.pyodump.pydump.pycdump.pyotest__init__.py__init__.pyc__init__.pyodbapi.pydbapi.pycdbapi.pyodump.pydump.pycdump.pyofactory.pyfactory.pycfactory.pyohooks.pyhooks.pychooks.pyopy25tests.pypy25tests.pycpy25tests.pyoregression.pyregression.pycregression.pyotransactions.pytransactions.pyctransactions.pyotypes.pytypes.pyctypes.pyouserfunctions.pyuserfunctions.pycuserfunctions.pyossl.pyssl.pycssl.pyopythonLICENSEREADMEREADME.SUSE/usr/lib64//usr/lib64/python2.7//usr/lib64/python2.7/bsddb//usr/lib64/python2.7/bsddb/test//usr/lib64/python2.7/lib-dynload//usr/lib64/python2.7/sqlite3//usr/lib64/python2.7/sqlite3/test//usr/share/doc/packages//usr/share/doc/packages/python/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:36648/SUSE_SLE-15_Update/5cc773bde90c584ce45e7b98481ef41b-python.SUSE_SLE-15_Updatedrpmxz5x86_64-suse-linux          directoryPython script, ASCII text executablepython 2.7 byte-compiledASCII textemptyELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=177a663e718c93f9ab41ca6f2234a5c3b067922a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=98bbce15c32d28d7c3538e5a4a1841229daffcf3, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=98628587fec2e088e87d6a31de33acb321d6b908, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=dd3fd149f544a8e4dcea982adaa8905bb1e8b12b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=746cde43940248c7898929eab1845f550a05474c, strippedPython script, ISO-8859 text executable  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`iqy  RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR R R RRRRR RR R RRRRRRR R RRR RRRR RRRR R RRR RRRRRR R RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRW/+Lf 7mutf-894b6ea5fb54aa5f3e8cee6303cac1b82828553f6fc45f3375a0f3fd3d8ca6802?7zXZ !t/ ]"k%r) Ӛ/*z+REW$iНVT›_08-R*nЋ rB%Ǖs Q}K/U2=GJ[zR4}e(z'f?=ږq01Xʟ};ٰ*ߡjtߌ?bVGoT @MQωi+p" e an])NDsKO ٴ%s/wגuy@Zےią4pj~{cJV&rR2Q4Xn{&iAƀW y "z "n `5Cqn)ٸ1d,gPp(*FiURJ5LԸ00P5OeWRQB?ܿJ>rdBr k+Rxgς- w=3gc7Ye 2wSAz^NLĿ^͕IPsCAʂ%l0ld߾0PyQ 7~&o(lfnfm  ɘ Prrߡ|.S Oހ=lTUZr!:41TmAQBXlJ`aWP?1F`F`=^]j 8NK4xf3FZHa EuczG'gEۨdTpœcaV126cZp[eՂOB"sL Eo6|//Ԡްd5?C{<]S vecZqV0qe_`j%z$yܒ?7 F3 ZRxN >D<{KbS\fqH׫?>;[UF xTK].V k>jzK򵓴J%Z`ƀWi Mtc餻?9Pre#O -4sQ^6QY3BȗSF>rTefxwR.rsBg:Tk'̘ zNz$?K)剋0<džJ+E6hٲs4~e0GIpZr>CeH3 Po/SkxjI-TVz fw,߀^EUҨ ۭư"!=TB҂7n fNZ;pAE5E R,j}0@ZaA9,ĕPI=x.򂒟Yp7nK* ?pu}~| %%"b90b̸Э=g\?&3?*gv:;#8;5I"w3y\0k?]cJ͟JVt+r@V Όw3@02yu q!Tx,W*Ӻ׎6$~HSX'Y+XA8:SoBudIЩl5''mçtG }~YpGiTE}.B fcI\.6)]~8Ѿ(lO*lkD+1z~F=j&>^UJ+%ibNzC _=}e?cwWJ~ðuόV}%HKy?(o s=<[-wJՙF Wi49-3GcWAHF(#+L.,k:%}' zln^K'btWl{ld> ̛bzK@V黺x\ff1Qb#/&m5o FlKx=!It,!Ai;bt>d@LnD6|f h"Ɏ9݌q YZ