Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-PyYAML for openSUSE:Factory checked in at 2021-02-01 13:26:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-PyYAML (Old)
and /work/SRC/openSUSE:Factory/.python-PyYAML.new.28504 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-PyYAML"
Mon Feb 1 13:26:39 2021 rev:24 rq:866403 version:5.4.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-PyYAML/python-PyYAML.changes 2020-03-27 00:27:05.720311448 +0100
+++ /work/SRC/openSUSE:Factory/.python-PyYAML.new.28504/python-PyYAML.changes 2021-02-01 13:28:28.806128907 +0100
@@ -1,0 +2,11 @@
+Sun Jan 24 18:21:20 UTC 2021 - Dirk M��ller
+
+- update to 5.4.1 (bsc#1174514, CVE-2020-14343):
+ * Fix stub compat with older pyyaml versions that may unwittingly load it
+ * Build modernization, remove distutils, fix metadata, build wheels, CI to GHA
+ * Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader
+ * Fix memory leak in implicit resolver setup
+ * Fix py2 copy support for timezone objects
+ * Fix compatibility with Jython
+
+-------------------------------------------------------------------
Old:
----
PyYAML-5.3.1.tar.gz
New:
----
PyYAML-5.4.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-PyYAML.spec ++++++
--- /var/tmp/diff_new_pack.5r3sBv/_old 2021-02-01 13:28:29.386129809 +0100
+++ /var/tmp/diff_new_pack.5r3sBv/_new 2021-02-01 13:28:29.390129816 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-PyYAML
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,13 +19,13 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define oldpython python
Name: python-PyYAML
-Version: 5.3.1
+Version: 5.4.1
Release: 0
Summary: YAML parser and emitter for Python
License: MIT
URL: https://github.com/yaml/pyyaml
Source: https://files.pythonhosted.org/packages/source/P/PyYAML/PyYAML-%{version}.tar.gz
-BuildRequires: %{python_module devel}
+BuildRequires: %{python_module Cython}
BuildRequires: %{python_module setuptools}
BuildRequires: fdupes
BuildRequires: libyaml-devel
@@ -56,6 +56,7 @@
%build
export CFLAGS="%{optflags}"
+export PYYAML_FORCE_LIBYAML=0 # we don't actually want to build the python lib
%python_build
# Fix example permissions.
find examples/ -type f | xargs chmod a-x
@@ -75,7 +76,7 @@
%license LICENSE
%doc CHANGES README examples/
%{python_sitearch}/yaml
-%{python_sitearch}/_yaml.*so
+%{python_sitearch}/_yaml
%{python_sitearch}/PyYAML-%{version}-py%{python_version}.egg-info
%changelog
++++++ PyYAML-5.3.1.tar.gz -> PyYAML-5.4.1.tar.gz ++++++
++++ 33826 lines of diff (skipped)