| ID | 24223 |
| Package Name | python3.11 |
| Version | 3.11.6 |
| Release | 27.ocs23.rva23 |
| Epoch | |
| Source | git+https://gitee.com/opencloudos-stream/python3.11.git?.#f721c759f60bb557e4959d473027f3d4766047ff |
| Summary |
| Description |
| Built by | maxonxie |
| State |
complete
|
| Volume |
DEFAULT |
| Started | Thu, 20 Nov 2025 11:12:35 CST |
| Completed | Thu, 20 Nov 2025 21:22:04 CST |
| Task | build (dist-ocs23-riscv-rva23, /opencloudos-stream/python3.11.git:.:origin/master) |
| Extra | {'source': {'original_url': 'git+https://gitee.com/opencloudos-stream/python3.11.git?.#origin/master'}} |
| Tags |
|
| RPMs |
| src | |
|---|
|
python3.11-3.11.6-27.ocs23.rva23.src.rpm (info) (download) |
| noarch |
|
python-unversioned-command-3.11.6-27.ocs23.rva23.noarch.rpm (info) (download)
|
| riscv64 |
|
python3-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3-debug-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3-devel-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3-idle-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3-libs-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3-test-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3-tkinter-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3.11-debuginfo-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
python3.11-debugsource-3.11.6-27.ocs23.rva23.riscv64.rpm (info) (download)
|
|
| Logs |
|
| Changelog |
* Mon Nov 17 2025 cunshunxia <cunshunxia@tencent.com> - 3.11.6-27
- mute the testcase which fails because of port policy.
* Wed Nov 12 2025 Shuo Wang <abushwang@tencent.com> - 3.11.6-26
- fix CVE-2025-6075
- gh-136065: Fix quadratic complexity in os.path.expandvars() (GH-134952) (GH-140847)
* Tue Oct 28 2025 Tracker Robot <trackbot@opencloudos.tech> - 3.11.6-25
- [Type] security
- [DESC] Apply patches from rpm-tracker
- [Bug Fix] 1459d1f1f1f00f36a25f616c0cea1b6d1609ff7d.patch: [3.11] gh-139400: Make sure that parent parsers outlive their subparsers in pyexpat (GH-139403) (#139612)
- [Bug Fix] 22d5724fbbc0a3c55c51f63a14c10e0c618770d7.patch: [3.11] gh-135661: Fix CDATA section parsing in HTMLParser (GH-135665) (GH-137774) (GH-139659)
- [CVE Fix] 1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46.patch: [3.11] gh-139700: Check consistency of the zip64 end of central directory record (GH-139702) (GH-139708) (GH-139713)
* Wed Oct 22 2025 Shuo Wang <abushwang@tencent.com> - 3.11.6-24
- fix CVE-2025-8291
- gh-139700: Check consistency of the zip64 end of
- central directory record (GH-139702) (GH-139708) (GH-139713)
* Wed Sep 24 2025 Tracker Robot <trackbot@opencloudos.tech> - 3.11.6-23
- [Type] security
- [DESC] Apply patches from rpm-tracker
- [CVE Fix] 5f90abaa786f994db3907fc31e2ee00ea2cf0929.patch: [3.11] gh-122133: Authenticate socket connection for socket.socketpair() fallback (GH-122134) (#122426)
- [CVE Fix] c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde.patch: [3.11] gh-122133: Rework pure Python socketpair tests to avoid use of importlib.reload. (GH-122493) (GH-122506)
- [CVE Fix] bc4a703a934a59657ecd018320ef990bc5542803.patch: [3.11] [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (GH-111116) (#123767)
* Thu Sep 18 2025 Tracker Robot <trackbot@opencloudos.tech> - 3.11.6-22
- [Type] bugfix
- [DESC] Apply patches from rpm-tracker
- [Bug Fix] 7cff053efeb8506495c5f77f40742341a1714d96.patch: [3.11] gh-80222: Fix email address header folding with long quoted-string (GH-122753) (#129009)
- [Bug Fix] 3abcace681e58c4c84cec9e191345a6cc58f46d9.patch: [3.11] gh-119511: Fix a potential denial of service in imaplib (GH-119514) (#129357)
- [Bug Fix] f1897d312e16bdf820ee47de053fdc24f621d0b1.patch: [3.11] GH-130396: Treat clang -Og as optimized for gdb tests (GH-130550) (GH-130573) (#130593)
- [Bug Fix] 6b37486184590d19c6f24e620545ec8f8f65e4c7.patch: [3.11] gh-106883 Fix deadlock in threaded application (#117332)
- [Bug Fix] 458871277323024d5d4db35ca7056cc51d5e4d8d.patch: [3.11] gh-127257: ssl: Raise OSError for ERR_LIB_SYS (GH-127361) (GH-127905) (GH-131970)
- [Bug Fix] 0a66052d8dec1a143bc77015ce7522ea812817ed.patch: [3.11] gh-121284: Fix email address header folding with parsed encoded-word (GH-122754) (GH-131405)
- [Bug Fix] f8b4421bc5569df25259895a58b69b4d87a47d20.patch: [3.11] gh-134062: Fix hash collisions in IPv4Network and IPv6Network (GH-134063) (GH-134479)
- [Bug Fix] da3755557a2f6421e400f6903a47b9de291a9494.patch: [3.11] gh-128840: Limit the number of parts in IPv6 address parsing (GH-128841) (GH-134613)
- [Bug Fix] 9df171dbbac669e0d43c978e10447f050b89eee6.patch: [3.11] gh-123409: fix IPv6Address.reverse_pointer for IPv4-mapped addresses (GH-123419) (GH-135087)
- [Bug Fix] 2c6ca1a9adfeaabfdc17b9871b17bd2ca9b32bb3.patch: [3.11] gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address (GH-134836) (GH-135091)
- [Bug Fix] 313544eb0381d868b4f8b351a0ca808c313af698.patch: [3.11] gh-127563: use dk_log2_index_bytes=3 in empty dicts (GH-127568) (GH-127813) (#135463)
- [Bug Fix] d8f6297e6d678f635d78cc59776ab7b246bfb03c.patch: [3.11] gh-102555: Fix comment parsing in HTMLParser according to the HTML5 standard (GH-135664) (GH-136274)
- [Bug Fix] 228509edab356b02743d9fa9de379854e9526e51.patch: [3.11] gh-135661: Fix parsing start and end tags in HTMLParser according to the HTML5 standard (GH-135930) (GH-136268) (#136291)
- [Bug Fix] 3511c2e546aaacda5880eb89a94f4e8514b3ce76.patch: [3.11] gh-135661: Fix parsing attributes with whitespaces around the = separator in HTMLParser (GH-136908) (GH-136920)
- [Bug Fix] 02feb83af27184fd15f6ee7f7996ab92ce229f82.patch: [3.11] gh-118350: Fix support of elements textarea and title in HTMLParser (GH-135310) (GH-137782)
* Mon Sep 01 2025 Xinlong Chen <xinlongchen@tencent.com> - 3.11.6-21
- disable some tests for riscv64
* Wed Jul 30 2025 cunshunxia <cunshunxia@tencent.com> - 3.11.6-20
- fix CVE-2025-8194.
- gh-130577: tarfile now validates archives to ensure member
- offsets are non-negative (GH-137027)
* Wed Jul 09 2025 Shuo Wang <abushwang@tencent.com> - 3.11.6-19
- fix CVE-2025-4516
- gh-133767: Fix use-after-free in the unicode-escape decoder
- with an error handler (GH-129648) (GH-133944) (GH-134341)
* Thu Jun 26 2025 Feng Weiyao <wynnfeng@tencent.com> - 3.11.6-18
- Add provides and symbolic links for compatibility with platform-python
* Wed Jun 25 2025 cunshunxia <cunshunxia@tencent.com> - 3.11.6-17
- fix CVE-2025-4435
- Also addresses CVEs 2024-12718, 2025-4138, 2025-4330, and 2025-4517
- gh-135034: Normalize link targets in tarfile, add `os.path.realpath(strict='allow_missing')` (GH-135037)
- fix CVE-2025-6069
* Mon Mar 10 2025 Shuo Wang <abushwang@tencent.com> - 3.11.6-16
- fix CVE-2025-1795
- email/_header_value_parser: don't encode list separators (GH-100885) (GH-115593)
- Fix UnicodeEncodeError in TokenList.fold() (GH-113730)
- Fix for email.generator.Generator with whitespace between encoded words. (#92281)
- Fix AttributeError in the email module (GH-119099)
* Mon Feb 24 2025 cunshunxia <cunshunxia@tencent.com> - 3.11.6-15
- fix CVE-2025-0938.
- gh-105704: Disallow square brackets (`[` and `]`) in
domain names for parsed URLs (GH-129418) (#129528)
* Tue Nov 05 2024 Shuo Wang <abushwang@tencent.com> - 3.11.6-14
- fix CVE-2024-6923
- Quote template strings in `venv` activation scripts (GH-124712) (GH-126185)
* Tue Oct 15 2024 cunshunxia <cunshunxia@tencent.com> - 3.11.6-13
- fix CVE-2024-6923.
* Thu Sep 26 2024 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 3.11.6-12
- Rebuilt for clarifying the packages requirement in BaseOS and AppStream
* Wed Sep 18 2024 cunshunxia <cunshunxia@tencent.com> - 3.11.6-11
- fix CVE-2024-8088, CVE-2023-6597 and CVE-2024-7592.
* Fri Sep 06 2024 Shuo Wang <abushwang@tencent.com> - 3.11.6-10
- fix CVE-2024-6232
- Remove backtracking when parsing tarfile headers (GH-121286) (#123639)
* Fri Aug 16 2024 OpenCloudOS Release Engineering <releng@opencloudos.tech> - 3.11.6-9
- Rebuilt for loongarch release
* Wed Jun 19 2024 Shuo Wang <abushwang@tencent.com> - 3.11.6-8
- fix CVE-2024-0397
- Fix "private" (non-global) IP address ranges (GH-113179) (GH-113186)
* Tue Jun 18 2024 Shuo Wang <abushwang@tencent.com> - 3.11.6-7
- fix CVE-2024-0397
- Fix locking in cert_store_stats and get_ca_certs
* Sat May 25 2024 Huang Yang <huangyang@loongson.cn> - 3.11.6-6
- [Type] other
- [DESC] add loongarch64 support
* Mon Apr 15 2024 cunshunxia <cunshunxia@tencent.com> - 3.11.6-5
- fix CVE-2024-0450.
* Wed Apr 10 2024 Shuo Wang <abushwang@tencent.com> - 3.11.6-4
- simplify pybasever macro
* Mon Apr 08 2024 Shuo Wang <abushwang@tencent.com> - 3.11.6-3
- add support for multiple version
- fix etree test fail
* Wed Oct 25 2023 Shuo Wang <abushwang@tencent.com> - 3.11.6-2
- add Recommends to /usr/bin/python
- default install in user environment and not install in koji
* Mon Oct 23 2023 Zhao Zhen <jeremiazhao@tencent.com> - 3.11.6-1
- upgraded upstream 3.11.6
- fixed CVE-2023-40217 CVE-2023-41105
* Wed Oct 18 2023 Shuo Wang <abushwang@tencent.com> - 3.11.4-4
- remove unused idle3 files
* Wed Sep 20 2023 Shuo Wang <abushwang@tencent.com> - 3.11.4-3
- provides python-unversioned-command
* Thu Aug 24 2023 Zhao Zhen <jeremiazhao@tencent.com> - 3.11.4-2
- small fixes
* Thu Aug 24 2023 Zhao Zhen <jeremiazhao@tencent.com> - 3.11.4-1
- upgraded for upstream 3.11.4
- fixed CVE-2023-24329, CVE-2022-45061, CVE-2022-42919, CVE-2021-28861, CVE-2020-10735, CVE-2015-20107
- removed python-unversioned-command, it is now merged into python3 package, so python3 package contains
- /usr/bin/python by default
|
