- build python with CXX, fixes problems with extensions that use CXX
such as the py-wxWidgets problem spotted by john.danks at gmail.com
from alek@ some time ago
- better pthread handling in configure
- find python binary when running regression tests, even when no python
is installed
from maintainer Aleksander Piotrowski <aleksander.piotrowski at nic.com.pl>
Aleksander Piotrowski <aleksander dot piotrowski at nic dot com dot pl>
- fix MASTER_SITES
- --without-pymalloc is not needed in 2.1 and 2.2 as it is disabled by default
this will allow using it in 2.3
- some PREFIX -> LOCALBASE cleanup
- patch distributed pydoc instead of providing our own 3-liner
- some improvements on sparc64
- teach regression suite about openbsd
- regen some patch files
Zack Weinberg found a vulnerability in the way the exevpe() method
from the os.py module uses a temporary file name. A file which
supposedly should not exist is created in a unsafe way and the method
tries to execute it. The objective of such code is to discover what
error the operating system returns in a portable way.
By exploiting this vulnerability a local attacker can execute
arbitrary code with the privileges of the user running python code
which uses the execvpe() method.
http://python.org/sf/590294http://python.org/sf/601077
size is not adequate for some of the complex processing that Zope
does, and -fPIC was aggravating that condition. Now, if we're using
shared libs, up the stack size to 128k.
Also remove some stray files that never should have been committed
in the first place.
Major changes:
- no more threads flavor, threads is now the default.
- subpackage modules that depend on other packages instead of having
largely redundant flavors (unless platform has no shared libs, then
flavors count again)
- shared libpython stuff disabled until someone can figure out why
it makes Zope crash
