python-base-64bit-2.7.17-lp151.10.29.1<>,_ǃ/=„JQr;5U]JcOOꚨYuoIü';4+7qLXv~~yB4j٭B /2=U9b9~d Bk M4֨7? dXA۝fyC c?/1p?}N[?N֫/9@S=晶7TqGIIQ486J8ޙ-M>>?d ) I 1HN\l<\< < L< << < 4<$<P<|<((8E9E:#QE>bGb<Hc<Id<XdYd\e$<]f<^hbicidjSejXfj[lj]ujx<vkh;w<xx<yh\`fCpython-base-64bit2.7.17lp151.10.29.1Python Interpreter base packagePython is an interpreted, object-oriented programming language, and is often compared to Tcl, Perl, Scheme, or Java. You can find an overview of Python in the documentation and tutorials included in the python-doc (HTML) or python-doc-pdf (PDF) packages. This package contains all of stand-alone Python files, minus binary modules that would pull in extra dependencies._ǃobs-arm-9XopenSUSE Leap 15.1openSUSEPython-2.0http://bugs.opensuse.orgDevelopment/Languages/Pythonhttp://www.python.org/linuxaarch64_ilp32/sbin/ldconfigh$pB$@` @  MX!HP$P 8%XP x8  (G P #`@@ 8X Pp 1AA큤_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃ_ǃe681cb89fe9d015b60ab94faf825136dc8d53f2d49fba720d3e93427d4dbd3185a24edeb3091dada231ef1e37675eae53552f032d8aa5fef9097064e651c4ca5ba539cc52234207bf92a7adaf604fe824dfa865916e8415a3602b6599e34c1d23fe10aa074f213b7a28ceec17f36417ab5536d3e58f41bbdf8fcbc2b0c65813afb118350109800cd2efb7c66e8d5bd9366bf2686403b628804701f7c123bf84342a30fbcc8ee505ebbf5744daa93f3589a96ebfa44760d7197ff3b13764394dd90f337760bddc007246df1b4be72d968e6710d42717bb391c501c442244100e671487cdef312d29dc0185e84db1f241b485d14d04e8e4f6cbb0dcc84b6dfb997795e91ed9e4af3d8f73bbf230f7823e34075369a76184a67bcc582f3a125949f442f0d42aaf4be997ceee4b2aa3bdac9518005915828491004864cda8b08f9b8fb037852405c984f5e77a915ce7e044b9972615bed7722cc82b6bc26bbb1bbed521f3bf50fc335c9748b3b8c9b0e639f04760ae8e9c179a8e7400939732057da3603584ba51ea31c0576511879c7238f1579a2694908ec9f3fe30362f5e482866714de5d938dae42632c523da33a3bdd7f0cc2fc93bff845f08baefc9fcb023dd2099c3a7492a39ed9fd0d8a25b67a8600df471f12fc14d67d8e73a7e5e8ec2f7b7e9c1da20c198ce45f5c9df5561d0884f7fee11a1f92c5434743bdf8327cd03e7a73c140ca6ddf89eef0103975f5a4b7979ef45fde08b0abf118303302fad1063943a35ba827fe79b09187a7116d8969883d72cff54952972e496bcea093fd87cb03d1b61a01199ba62d8d47c03f73c578f73d99b2e97e0b42f2930f0a8d56633da094aca448cd7d19d40d892913f25183a9b83429896085d3cc1855694edd61a54bcf8b55aec54c98594d335cb186ed35274154ef6b7b2330a2d90da135a7fd6575aebfa232824af207400f2d4d7494fc297cc3b874b7b0b6bbc963dbd9ca333c8059ab3bd48ed952b2c8d169601268f1a2d123ea43b47145f6f210993b370d378677d55999a0a6e2a4de58ffbab734e209b6d6a8b319d9a7c02cb630670e8a65c94c12c195891088786985191472e8d53889555d3335fb9e7bef9821476992a4eb59f19051be612f9e4585db2bdeff3f73cfac543d863f69b5e2cf63ef697834e9c836faaf2c07b52ff05dca49bd11bc3c93519759338acafb2961b8894d877b16b197411c45110b81454e4faf05ad9bb2311fefb61e217d8833657b8d8077abb4f39e43bb58c51a3acfb1f89e1865437b618fd8610883e376e04d5e64c3612b305d357a689cb1213ef381da018e15d1a3fbe77488e5bcf69a1a404d2bc81f8d5d18d2e00f3b9deece0164bf9eaa772c397911018707cb4cc9c749c3b1487da989952792e7295181a9a04fa5175109b5493ea3da227c0556e0055e694d6e58a6d2a2933903a2a059a8cf0ff74f08e3ee2c9376299520fbca07c44fc660fafc3638081c0ebdc7dbfc3c63929091ef5806740f9b4243a496158fb24f95e7c4cea133e5938e5d5b63fa421bc03ea5ef441054640f09b49e98e9b612d8c963e7c17475ed69fd13ee861045b93405202e4905a0a0a00dbe967dfa093c497cff9a7b16cd765105c10ecf0e40ead2589ed68ea048519b1f02bd323b003fcffbe629e355f5af52ce4e5dcddedc2511c1226ec5bf9631874eb876bd0126ad42caad85ca0194e8751fd52f4c812b6ee72659cbd5953813be5b1c88bf7f28be32dab62c21ca4a4081670866f6007131585d20e0a4a9a60aca1a5862caa35e8209827f3667d72e8910607511515c5200a7256ad5b233ee6180f9a09f6652a266c64c34bfbcf6855b7c869fcb84f8f38b4e14a3c0ce553d6a648cb83b2ca3f8ca6794c2769e30017e3ab9cf2380966d58853ecd20cc724907d7b7ab67fd7d1e611e6f7a71be04ac0b6cbc3002ea375ba306fd85a7531982eec4ae6ee80832cd8cd9ac2e305916479733ec4910aecf0006ea827f68cafe0e4bb86d63c52c7c4abb417d2e4d3513562d06cee04890d74fd1d20f57c76ef895339353877ce19550407b1ec1914c4cf38ee9fa52bb861199d6bb2ecce0177cc5adc669adaa593b4eec0d049d26c34907a0e58fb2af6bbe70d3fb75252e7a4142c4e2e391ebe75610b3ade60e88bf0da3717e01efc832db36598cbefdf7cdca737c1d9ebf83871befc6438cbf88183ce4bab160d5c95c36464570430160e441b61be78fcedffef3e0b6f85021611b5881ed4a920ef03cea4da52a976d00c819b366a4d2399b7b3eb777dea1411b928f2235366b6d1b62f724383ebc5b0a6a9061911b381b3fb8fe669e38ab6c375a51dd14dd325e049390c6cb7e31bb2a53c656315452951c0122eef07159632a201dc0a79ab845f4f716d0ba6717c80de0c49aae2f903c587dedd090c3450287309443bd3d74dd715fcb2f37e7000084c327dd347f1440d2fcbe89734025b29abfde9a7c7778c4b39123723c129f51ef5cb825a9e8df0c0ff07f90d306d0d135575e323f1a3871015c22a95607efc7f28add571bb8e690393aef9fa8bd28edd5534868e64ecc277405fccbbb44060a542ea10bf73986a738eb45ba58a7b078e0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpython-base-2.7.17-lp151.10.29.1.src.rpmpython-base-64bitpython-base-64bit(aarch-64)@@@@@@@@@@@@@@@@@@@    /bin/shld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libbz2.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libcrypt.so.1()(64bit)libcrypt.so.1(GLIBC_2.17)(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.17)(64bit)libnsl.so.2()(64bit)libnsl.so.2(LIBNSL_1.0)(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)libpython2.7.so.1.0()(64bit)libtirpc.so.3()(64bit)libtirpc.so.3(TIRPC_0.3.0)(64bit)libz.so.1()(64bit)libz.so.1(ZLIB_1.2.0)(64bit)python(abi)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.73.0.4-14.6.0-14.0-15.2-14.14.1___@^@^>^>^;^8 @^.^g@^ @]f@]@]]]d@]d@]@]z@]V]y@]9]1]\t@\\7\7\\J@\J@\C@\2[[#@[6@[@[ @[Za@Z@ZxG@ZtRZp^@ZSteve Kowalik Matej Cepl Matej Cepl Matej Cepl Matej Cepl Matej Cepl Tomáš Chvátal Matej Cepl Matej Cepl Tomáš Chvátal Dominique Leuenberger Matej Cepl Matej Cepl Matej Cepl Matej Cepl Steve Kowalik Matej Cepl Matej Cepl Bernhard Wiedemann Matej Cepl Matej Cepl Tomáš Chvátal Matej Cepl Martin Liška Matej Cepl Matej Cepl Matej Cepl Matej Cepl mcepl@suse.commcepl@suse.commcepl@suse.comTodd R Tomáš Chvátal Matěj Cepl mcepl@suse.compsimons@suse.commcepl@suse.commichael@stroeder.commliska@suse.czpsimons@suse.comnormand@linux.vnet.ibm.comnormand@linux.vnet.ibm.comtchvatal@suse.comjmatejek@suse.comjmatejek@suse.commpluskal@suse.comvcizek@suse.comjmatejek@suse.comkukuk@suse.dejmatejek@suse.comjmatejek@suse.combwiedemann@suse.comjmatejek@suse.comjmatejek@suse.comjmatejek@suse.comjmatejek@suse.comjmatejek@suse.comrguenther@suse.comjmatejek@suse.comdimstar@opensuse.orgjmatejek@suse.commeissner@suse.comdmueller@suse.commichael@stroeder.comschwab@suse.deschwab@suse.dejmatejek@suse.comdmueller@suse.com- Replace bundled wheels for pip and setuptools with the updated ones (bsc#1176262 CVE-2019-20916).- Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211 (CVE-2020-26116, bpo#39603) no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers. Such characters now raise ValueError.- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch.- Add CVE-2019-18348-CRLF_injection_via_host_part.patch to disallow control characters in hostnames in httplib, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. (bsc#1155094)- Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674)- Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224).- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367)- Provide python-testsuite from devel subkg to ease py2->py3 dependencies- Add python-2.7.17-switch-off-failing-SSL-tests.patch to switch off tests coliding with the combination of modern Python and ancient OpenSSL on SLE-12.- libnsl is required only on more recent SLEs and openSUSE, older glibc supported NIS on its own.- Add provides in gdbm subpackage to provide dbm symbols. This allows us to use %%{python_module dbm} as a dependency and have it properly resolved for both python2 and python3- Drop appstream-glib BuildRequires and no longer call appstream-util validate-relax: eliminate a build cycle between as-glib and python. The only thing would would gain by calling as-uril is catching if upstream breaks the appdata.xml file in a future release. Considering py2 is dying, chances for a new release, let alone one breaking the xml file, are slim.- Unify packages among openSUSE:Factory and SLE versions. (bsc#1159035) ; add missing records to this changelog. - Add idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830)- Add python2_split_startup Provide to make it possible to conflict older packages by shared-python-startup.- Move /etc/pythonstart script to shared-python-startup package.- Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes bsc#1149792- Add adapted-from-F00251-change-user-install-location.patch fixing pip/distutils to install into /usr/local.- Update to 2.7.17: - a bug fix release in the Python 2.7.x series. It is expected to be the penultimate release for Python 2.7. - Removed patches included upstream: - CVE-2018-20852-cookie-domain-check.patch - CVE-2019-16935-xmlrpc-doc-server_title.patch - CVE-2019-9636-netloc-no-decompose-characters.patch - CVE-2019-9947-no-ctrl-char-http.patch - CVE-2019-9948-avoid_local-file.patch - python-2.7.14-CVE-2018-1000030-1.patch - python-2.7.14-CVE-2018-1000030-2.patch - Renamed remove-static-libpython.diff and python-bsddb6.diff to remove-static-libpython.patch and python-bsddb6.patch to unify filenames.- Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in python/Lib/DocXMLRPCServer.py- Add bpo36302-sort-module-sources.patch (boo#1041090)- Add CVE-2019-16056-email-parse-addr.patch fixing the email module wrongly parses email addresses [bsc#1149955, CVE-2019-16056]- boo#1141853 (CVE-2018-20852) add CVE-2018-20852-cookie-domain-check.patch fixing http.cookiejar.DefaultPolicy.domain_return_ok which did not correctly validate the domain: it could be tricked into sending cookies to the wrong server.- Skip test_urllib2_localnet that randomly fails in OBS- bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch which fixes regression introduced by the previous patch. (CVE-2019-10160) Upstream gh#python/cpython#13812- Set _lto_cflags to nil as it will prevent to propage LTO for Python modules that are built in a separate package.- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch Address the issue by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause a ValueError to be raised.- bsc#1130847 (CVE-2019-9948) add CVE-2019-9948-avoid_local-file.patch removing unnecessary (and potentially harmful) URL scheme local-file://.- bsc#1129346: add CVE-2019-9636-netloc-no-decompose-characters.patch Characters in the netloc attribute that decompose under NFKC normalization (as used by the IDNA encoding) into any of ``/``, ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the URL is decomposed before parsing, or is not a Unicode string, no error will be raised (CVE-2019-9636). Upstream commits e37ef41 and 507bd8c.- (bsc#1111793) Update to 2.7.16: * bugfix-only release: complete list of changes on https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7.16rc1.rst * Removed openssl-111.patch and CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch which are fully included in the tarball. * Updated patches to apply cleanly: CVE-2019-5010-null-defer-x509-cert-DOS.patch bpo36160-init-sysconfig_vars.patch do-not-use-non-ascii-in-test_ssl.patch openssl-111-middlebox-compat.patch openssl-111-ssl_options.patch python-2.5.1-sqlite.patch python-2.6-gettext-plurals.patch python-2.7-dirs.patch python-2.7.2-fix_date_time_compiler.patch python-2.7.4-canonicalize2.patch python-2.7.5-multilib.patch python-2.7.9-ssl_ca_path.patch python-bsddb6.diff remove-static-libpython.patch * Update python-2.7.5-multilib.patch to pass with new platlib regime.- bsc#1109847: add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623.- bsc#1073748: add bpo-29347-dereferencing-undefined-pointers.patch PyWeakref_NewProxy@Objects/weakrefobject.c creates new isntance of PyWeakReference struct and does not intialize wr_prev and wr_next of new isntance. These pointers can have garbage and point to random memory locations. Python should not crash while destroying the isntance created in the same interpreter function. As per my understanding, both wr_prev and wr_next of PyWeakReference instance should be initialized to NULL to avoid segfault.- bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch fixing bpo-35746. An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.7.2. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.- Use upstream-recommended %{_rpmconfigdir}/macros.d directory for the rpm macros.- Add patch openssl-111.patch to work with openssl-1.1.1 (bsc#1113755)- Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802]- Apply "CVE-2018-1061-DOS-via-regexp-difflib.patch" to prevent low-grade poplib REDOS (CVE-2018-1060) and to prevent difflib REDOS (CVE-2018-1061). Prior to this patch mail server's timestamp was susceptible to catastrophic backtracking on long evil response from the server. Also, it was susceptible to catastrophic backtracking, which was a potential DOS vector. [bsc#1088004 and bsc#1088009, CVE-2018-1061 and CVE-2018-1060]- Apply "CVE-2017-18207.patch" to add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this check, attackers could cause a denial of service (divide-by-zero error and application crash) via a crafted wav format audio file. [bsc#1083507, CVE-2017-18207]- Apply "python-sorted_tar.patch" (bsc#1086001, boo#1081750) sort tarfile output directory listing- update to 2.7.15 * dozens of bugfixes, see NEWS for details - removed obsolete patches: * python-ncurses-6.0-accessors.patch * python-fix-shebang.patch * gcc8-miscompilation-fix.patch - add patch from upstream: * do-not-use-non-ascii-in-test_ssl.patch- Add gcc8-miscompilation-fix.patch (boo#1084650).- Apply "python-2.7.14-CVE-2017-1000158.patch" to prevent integer overflows in PyString_DecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution. [bsc#1068664, CVE-2017-1000158]- exclude test_socket & test_subprocess for PowerPC boo#1078485 (same ref as previous change)- Add python-skip_random_failing_tests.patch bypass boo#1078485 and exclude many tests for PowerPC- Add patch python-fix-shebang.patch to fix bsc#1078326- exclude test_regrtest for s390, where it does not segfault as it should (fixes bsc#1073269) - fix segfault while creating weakref - bsc#1073748, bpo#29347 (this is actually fixed by the 2.7.14 update; mentioning this for purposes of bugfix tracking)- update to 2.7.14 * dozens of bugfixes, see NEWS for details * fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664) * fixed segfaults with dict mutated during search * fixed possible free-after-use problems with buffer objects with custom indexing * fixed urllib.splithost to correctly parse fragments (bpo-30500) - drop upstreamed python-2.7.13-overflow_check.patch - drop unneeded python-2.7.12-makeopcode.patch - drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch - Apply "python-2.7.14-CVE-2018-1000030-1.patch" and "python-2.7.14-CVE-2018-1000030-2.patch" to remedy a bug that would crash the Python interpreter when multiple threads used the same I/O stream concurrently. This issue is not classified as a security vulnerability due to the fact that an attacker must be able to run code, however in some situations -- such as function as a service -- this vulnerability can potentially be used by an attacker to violate a trust boundary. [bsc#1079300, CVE-2018-1000030]- Call python2 instead of python in macros- Fix test broken with OpenSSL 1.1 (bsc#1042670) * add 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch- drop SUSE_ASNEEDED=0 as it is not needed anymore- Add libnsl-devel build requires for glibc obsoleting libnsl- obsolete/provide python-argparse and provide python2-argparse, because the argparse module is available from python 2.7 up- SLE package update (bsc#1027282) - refresh python-2.7.5-multilib.patch - dropped upstreamed patches: python-fix-short-dh.patch python-2.7.7-mhlib-linkcount.patch python-2.7-urllib2-localnet-ssl.patch CVE-2016-0772-smtplib-starttls.patch CVE-2016-5699-http-header-injection.patch CVE-2016-5636-zipimporter-overflow.patch python-2.7-httpoxy.patch - Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1. (dimstar@opensuse.org)- Add reproducible.patch to allow reproducible builds of various python packages like python-amqp Upstream: https://github.com/python/cpython/pull/296- update to 2.7.13 * dozens of bugfixes, see NEWS for details * updated cipher lists for openssl wrapper, support openssl >= 1.1.0 * properly fix HTTPoxy (CVE-2016-1000110) * profile-opt build now applies PGO to modules as well - update python-2.7.10-overflow_check.patch with python-2.7.13-overflow_check.patch, incorporating upstream changes (bnc#964182) - add "-fwrapv" to optflags explicitly because upstream code still relies on it in many places- provide python2-* symbols, for support of new packages built as python2-foo - rename macros.python to macros.python2 accordingly - require python-rpm-macros package, drop macro definitions from macros.python2- initial packaging of `python27` side-by-side variant (fate#321075, bsc#997436) - renamed `python` to `python27` in package names and requires - removed Provides and Obsoletes clauses - dropped SLE12-only patch python-2.7.9-sles-disable-verification-by-default.patch, companion sle_tls_checks_policy.py file and the python-strict-tls-checks subpackage - dropped profile files - removed /usr/bin/python and /usr/bin/python2, along with other unversioned aliases - rewrote macros file to enable stand-alone packages depending on py2.7 - re-included downloaded version of HTML documentation- update to 2.7.12 * dozens of bugfixes, see NEWS for details * fixes multiple security issues: CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751) CVE-2016-5636 zipimporter heap overflow (bsc#985177) CVE-2016-5699 httplib header injection (bsc#985348) (this one is actually fixed since 2.7.10) - removed upstreamed python-2.7.7-mhlib-linkcount.patch - refreshed multilib patch - python-2.7.12-makeopcode.patch - run newly-built python interpreter to make opcodes, in order not to require pre-built python - update LD_LIBRARY_PATH to use $PWD instead of "." because the test process escapes to its own directory - modify shebang-fixing scriptlet to ignore makeopcodetargets.py- CVE-2016-0772-smtplib-starttls.patch: smtplib vulnerability opens startTLS stripping attack (CVE-2016-0772, bsc#984751) - CVE-2016-5636-zipimporter-overflow.patch: heap overflow when importing malformed zip files (CVE-2016-5636, bsc#985177) - CVE-2016-5699-http-header-injection.patch: incorrect validation of HTTP headers allow header injection (CVE-2016-5699, bsc#985348) - python-2.7-httpoxy.patch: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY when REQUEST_METHOD is also set (CVE-2016-1000110, bsc#989523)- Add python-2.7.10-overflow_check.patch to fix broken overflow checks. [bnc#964182]- copy strict-tls-checks subpackage from SLE to retain future compatibility (not built in openSUSE) - do this properly to fix bnc#945401 - update SLE check to exclude Leap which also has version 1315, just to be sure- Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1.- add missing ssl.pyc and ssl.pyo to package - implement python-strict-tls-checks subpackage * when present, Python will perform TLS certificate checking by default. it is possible to remove the package to turn off the checks for compatibility with legacy scripts. * as discussed in fate#318300 * this is not built for openSUSE, but retained here in case we want to build the package for a SLE system- python-fix-short-dh.patch: Bump DH parameters to 2048 bit to fix logjam security issue. bsc#935856- add __python2 compatibility macro (used by Fedora) (fate#318838)- update to 2.7.10 - removed obsolete python-2.7-urllib2-localnet-ssl.patch- Reenable test_posix on aarch64- python-2.7.4-aarch64.patch: Remove obsolete patch - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for aarch64- update to 2.7.9 * contains full backport of ssl module from Python 3.4 (PEP466) * HTTPS certificate validation enabled by default (PEP476) * SSLv3 disabled by default (bnc#901715) * backported ensurepip module (PEP477) * fixes several missing CVEs from last release: CVE-2013-1752, CVE-2013-1753 * dozens of minor bugfixes - dropped upstreamed patches: python-2.7.6-poplib.patch, smtplib_maxline-2.7.patch, xmlrpc_gzip_27.patch - dropped patch python-2.7.3-ssl_ca_path.patch because we don't need it with ssl module from Python 3 - libffi was upgraded upstream, seems to contain our changes, so dropping libffi-ppc64le.diff as well - python-2.7-urllib2-localnet-ssl.patch - properly remove unconditional "import ssl" from test_urllib2_localnet that caused it to fail without ssl- skip test_thread in qemu_linux_user mode/bin/sh  !"#$%&'()*+,-./0123456789:;<2.7.17-lp151.10.29.12.7.17-lp151.10.29.1python2.7lib-dynload_bisect.so_codecs_cn.so_codecs_hk.so_codecs_iso2022.so_codecs_jp.so_codecs_kr.so_codecs_tw.so_collections.so_csv.so_ctypes.so_ctypes_test.so_elementtree.so_functools.so_heapq.so_hotshot.so_io.so_json.so_locale.so_lsprof.so_md5.so_multibytecodec.so_multiprocessing.so_random.so_sha.so_sha256.so_sha512.so_socket.so_struct.so_testcapi.soarray.soaudioop.sobinascii.sobz2.socPickle.socStringIO.socmath.socrypt.sodatetime.sofcntl.sofuture_builtins.sogrp.soitertools.solinuxaudiodev.somath.sommap.sonis.sooperator.soossaudiodev.soparser.soresource.soselect.sospwd.sostrop.sosyslog.sotermios.sotime.sounicodedata.sozlib.so/usr/lib64//usr/lib64/python2.7//usr/lib64/python2.7/lib-dynload/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:15217/openSUSE_Leap_15.1_Update_ports/23cfcfd00487dd74ec0abaf6291d1a5e-python-base.openSUSE_Leap_15.1_Updatedrpmxz5aarch64_ilp32-suse-linux  !"#$%&'()*+,-./0123456789:directoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a9170f27e9c95572eb28b4be5712bd1c55ba3c2e, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a5f6cabaaa65072dc37e076dc77c73774bfa2305, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=070c6d0105e081b6b8bd5dc41ef9741953d961c5, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a6f5e9c3773465807dfbe49792c5a66f631804b4, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5ecc6d8b0a6572cb6b3f7bd3950e978caf4af385, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0cadc7889bb7aabce818f284c7ef2e6e45131b03, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=394a0fad487ab849e87992fc28eceffe648407aa, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=fa8d097487dcf1b06b6ced78c5fa0c5ce85f9d41, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=21f11a1e1b70b4585ba2cf751266e1546d763928, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=56ff958475c5221003d0ca9ad35caf59182a9738, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e7f11fb466bba5e30073b8c24c49ce2d9eb24000, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c225a12f653788db33372f188d8aee6093ab1e3c, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9206035af22fcdb292676f1df695c00e8d822ad8, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=bb66a4c1c43341ead23fac41d376a0990c02766c, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=57e5485e2e31ba8ef95555e5606b02899892ade6, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9dba17964cb834cdfc9e626f54ea8e9ff83fdad6, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c72f78ee957e33398b05ef223665cf27cfade87c, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=651a9fc2e1e73a887f2dab808062357e04a73af1, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5760491537764caacc37923e0f74f6283778323f, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=62326dada7ff1c99faa90e8a7a4c5790f9d86eb0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=45ce65d2a4927a47acb3aee40525588aa86827b8, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8f96a853ff9f510f0b5d31394b48667907169857, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e242c70b08142204136275fa31f1cb7f72a33902, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=37e83b72e8eec82f15760dc4ae12ac27353ff689, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9b4c01c5326e3b12cb8445d4c18b68da9a0b8888, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=de8fb8e6e473c51a2c6294b98316381738b4fefe, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=f9bb58f439973da4a3a71bee77ec033f48b111b2, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=bfbe8f5cea5f3d5de7b2bb6df7ac0935ff9cbaa6, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0820572971fcaf97158d3d7a4237d84e48250a3c, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4763604c670cd2e2f2cc55218b083e8ae22c0608, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=169df9002b82fd06a34c4550e52c1428216e7758, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e25f3ba099821b1f2b4768cdf5e538ff96c3d5a5, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=99748872c1c0d3d6aaa479fcb3b904cd43f1cb97, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=903aa5bef3dab35137ed98bb790620dbdd0a4f79, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5f5e47424bc2fe2c7e69879664e479a2663fdf1d, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=2f9042164f9e93976ec413884b93712477dc38ee, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=761cfd3c8314a18de798c594f66115e26c04bdd4, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=07d5948ba5a54e2e379cac09870ac07c3977cf0c, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a5db0def25168e92125238f206e4aec50835bb4b, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=ff833ed9e14295e6cd9f2d51d9126ade37e993a2, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=704de64d8b8a318ca71b8d03d343bed13f1e0d92, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=aacb2ada49c7c98f33dabc98f5dd2cddaa4f65c4, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b3a70b72d969c9fc717096cb71972ad689a13567, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9c927aab90e094867c1403708820af11b4ac87c4, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=240e5b1065481010f29ab4bd46f8959d34350a05, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=2f1e98f5b5f92e52852943caec4bbf6fbf2b5215, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=f489ad1e61471dafc50ba7e88115dc53547c5106, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=ed6f6f7f9ba29f81be1317744d9320127cadddbf, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=33e85404a3127417768a2a196e775eaf46d211f8, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0489231ad3f6831b2377143c012877479fe80d3c, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=79e4468313aaf844e95fb14b41c8636c0469b947, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c8ab4b75ba7fb0c75648446351c8d014336a3dc8, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=7b1ad5c0fb62c4f1f19a50cf0283388f1c15fd2d, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c72b2b8732728f3eeeb9d51f5c64a3caafa1881a, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=fae8f30b7eb8783861be3f2508175414b6b148f4, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8de7c92e6c502b84556804ffd74432fc66957cab, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=eb127ba57eef9c14882de38b40627e0305d26aeb, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=2028c717667ee6ef980a789e6d196d1ad046cc71, stripped#*18?GNU\cjry %,3:BLT_fnu}      RRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRR RRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRR RRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRRR RRR RRRRRRR RRRRRRR RRRRRRR RRRRRRR RRRR RR RRRR RRRRRRR RRRRR RRR RRRRRRR RRRRRRR RRRRRRRR RRRRRRRR RRRR RRRR RRRR RRRR RRRR RRR RRR RRRRRRRRR RRRR R RRRRR RRRR RRRR RRRRRRR RRRRRRR RRRRRRR RRRRR RRR RRRR RR RRRR RRRRR RRR RRRRR RRR RRR RRRRRRR RRRRR RRR RRRRRRR RRRR RRRR RRRRR RRR RRRRRRR RRRR RRRR RRRRRRR RRRRR RRR RRRR R RRRRR RRRRRRR RRRRRRRRR RRutf-8104864a03bdc85086cf79d55da0941bb8659e0d97318463b3d2ccb32e79be8eb? 7zXZ !t/ 3 ]"k%0a C4uwʢ#TL$|'Cz4"VU[rנ4j l\ ^+ہH5ǣ_cm<&`k(­O~eSF~vdNKlY'] Mtn0ϴNYڹH ﯌ %2:\ZIbrs5@ZODYCbI=؛6az"\?tBGP`Ӕ__ Nfһyk^4llʅĖ\ˈ:Z +Cbccb=u}Oߨ '9qngd@t(r?ۃ>GXfnzv&Vqn(xvQ4^&>Ez"5.xpBLD{,Yd|5kd6Etb <b2y\B9nZWEҵ2AwS=m'&vj"ua%/SDSn 4< oN]:yAf-bxz5މdxi} F\e9[n[%P*oeq63$ڐj-e)ӂټGx:2Yp@Y*f/ Clx ǸSnJ{"TD;Խҝ!t$/[R ;ɝ_pq:6vA%<{'(B#فҪ„9x&8_)uGʭr1_QjTw^b?$n~75 (f<"- )R9ruH_ Ժc0[ee2nOٸ,U^N=|DKSrA(F-NZPz+ X*d\K7XHW`i/g%;{wϠ xeb%H^n?MGC=]''co:>A`^cBՓGP;*bc-9/bM. ! ?̜%Ʌ`YriQ{u|w]C q7UYcJrZѓ;ѶvW5\vb΁;g9qnb:BQe!겣<X<vY4@] k^E}|9Uj_M^lfH=5٨R8'QtF-Awshv"*c3.@&.;C` jhpUBl)vhRo:h!xuh%!9͊kS̹qψ\`olwt4V=_@IST4:LGxT0XLM)ة(Ժ]Wz2vwW!l S=܋1†p,Sb4<_5uyv)0w]:=ɵ9 Pǥ|9B>w_lY߅=]@B>&ɉ7VݙaKt}krP$ ?38;G *ܸ sQ\qkJO|%E 2rق@OH9B4YqM^: -HFg 4VM8/o15qFA8dwd&JѶڹ cu] ;|n<eـO:NԭAN3=Gwh\*iAfWGŬ|<+/@@;O]@G_e9F #X~pAL `7QAq?'3z-n~~* />fIF=Eð*fx?]U,\F) )pн/R$cP:8$oegH %Uu\yK;^ָfBxd8sE+YW%cl%? 4͘1ETQ(dMқLEG}_,{*(# "$Tg #vY@嵆MEHA-hjXbM.ZA|E!hdtoW65j̼"qjkA,(XJgiȌ!'\N\#B7NC05)(̵~4[ zAY&r⡦eIQ _\1X<Jhܦ \eZpkp|F*/I`w@ݛ YZ