From 8746ba644dc201fe964e1fd87424c1b3ef35acd4 Mon Sep 17 00:00:00 2001 From: fanjiachen Date: Tue, 18 Aug 2020 21:57:09 +0800 Subject: [PATCH 1/4] add release for update --- scipy.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scipy.spec b/scipy.spec index fb00ff0..9758cef 100644 --- a/scipy.spec +++ b/scipy.spec @@ -3,7 +3,7 @@ Name: scipy Version: 1.2.2 -Release: 2 +Release: 3 Summary: A Python-based ecosystem of open-source software for mathematics, science, and engineering License: BSD, MIT, Boost and Public Domain URL: https://www.scipy.org -- Gitee From 63ae07ed77a0277419f9d7e13dda915ca3e63123 Mon Sep 17 00:00:00 2001 From: WizardHowl Date: Thu, 13 Jul 2023 01:56:55 +0000 Subject: [PATCH 2/4] Fix CVE-2023-25399 1.Fix CVE-2023-25399 Reference: https://github.com/scipy/scipy/pull/16397/commits/9b6521198c4f31d3f9cb525e581bea8e3e77f0a2 2.The last commit by fanjiachen forget to add the changelog messege, I've added it here for the author. Signed-off-by: WizardHowl --- ...-refcounting-issue-in-Py_FindObjects.patch | 44 +++++++++++++++++++ ...all-refcount-issue-in-ndimage._ctest.patch | 31 +++++++++++++ scipy.spec | 11 ++++- 3 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch create mode 100644 backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch diff --git a/backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch b/backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch new file mode 100644 index 0000000..2cf335a --- /dev/null +++ b/backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch 
@@ -0,0 +1,44 @@
+From 9b6521198c4f31d3f9cb525e581bea8e3e77f0a2 Mon Sep 17 00:00:00 2001
+From: Ralf Gommers
+Date: Mon, 13 Jun 2022 20:12:00 +0200
+Subject: [PATCH] BUG: fix a minor refcounting issue in `Py_FindObjects`
+
+Closes gh-16235
+
+Note: also change `Py_XDECREF`s for start/end variables to `Py_DECREF`,
+because it's already checked higher up that those variables are not
+NULL.
+
+Reference: https://github.com/scipy/scipy/pull/16397/commits/9b6521198c4f31d3f9cb525e581bea8e3e77f0a2
+Conflict: NA
+---
+ scipy/ndimage/src/nd_image.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/scipy/ndimage/src/nd_image.c b/scipy/ndimage/src/nd_image.c
+index 8dfa21ea2..11d176a30 100644
+--- a/scipy/ndimage/src/nd_image.c
++++ b/scipy/ndimage/src/nd_image.c
+@@ -885,7 +885,7 @@ static PyObject *Py_FindObjects(PyObject *obj, PyObject *args)
+ npy_intp idx =
+ PyArray_NDIM(input) > 0 ? 2 * PyArray_NDIM(input) * ii : ii;
+ if (regions[idx] >= 0) {
+- PyObject *tuple = PyTuple_New(PyArray_NDIM(input));
++ tuple = PyTuple_New(PyArray_NDIM(input));
+ if (!tuple) {
+ PyErr_NoMemory();
+ goto exit;
+@@ -903,8 +903,8 @@ static PyObject *Py_FindObjects(PyObject *obj, PyObject *args)
+ PyErr_NoMemory();
+ goto exit;
+ }
+- Py_XDECREF(start);
+- Py_XDECREF(end);
++ Py_DECREF(start);
++ Py_DECREF(end);
+ start = end = NULL;
+ PyTuple_SetItem(tuple, jj, slc);
+ slc = NULL;
+--
+2.33.0
+
diff --git a/backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch b/backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch
new file mode 100644
index 0000000..93f1a73
--- /dev/null
+++ b/backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch
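Review bot: The switch from `Py_XDECREF(start)` / `Py_XDECREF(end)` to `Py_DECREF` in the second inner hunk is only safe if the 1.2.2 copy of `Py_FindObjects` has the NULL checks on `start` and `end` that the upstream message refers to, and those checks lie above the quoted context. `Py_DECREF` on a NULL pointer crashes where `Py_XDECREF` was a no-op, so on an older base either confirm the checks exist or keep the `Py_XDECREF` calls, since that part of the change does not appear to contribute to the refcount fix. Likewise `tuple = PyTuple_New(PyArray_NDIM(input));` now assigns a function-scope `tuple` whose declaration and release at `exit:` are not visible here; the fix depends on both being present in 1.2.2. The header says `Conflict: NA`, so a line stating that the context was checked against the 1.2.2 source would make that verifiable.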
@@ -0,0 +1,31 @@ +From 133b92679ab23e0fa4a6f3b6e45f493312531024 Mon Sep 17 00:00:00 2001 +From: Ralf Gommers +Date: Mon, 13 Jun 2022 20:20:06 +0200 +Subject: [PATCH] BUG: fix small refcount issue in `ndimage._ctest` + +Note that this is only test code, so it wasn't a real-world problem. + +Closes gh-16236 + +Reference: https://github.com/scipy/scipy/pull/16397/commits/133b92679ab23e0fa4a6f3b6e45f493312531024 +Conflict: NA +--- + scipy/ndimage/src/_ctest.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/scipy/ndimage/src/_ctest.c b/scipy/ndimage/src/_ctest.c +index fe8ce676e..f84ba064a 100644 +--- a/scipy/ndimage/src/_ctest.c ++++ b/scipy/ndimage/src/_ctest.c +@@ -93,6 +93,8 @@ py_filter2d(PyObject *obj, PyObject *args) + goto error; + } + callback_data[i] = PyFloat_AsDouble(item); ++ Py_DECREF(item); ++ item = NULL; + if (PyErr_Occurred()) goto error; + } + +-- +2.33.0 + diff --git a/scipy.spec b/scipy.spec index 9758cef..b28fe41 100644 --- a/scipy.spec +++ b/scipy.spec @@ -3,12 +3,15 @@ Name: scipy Version: 1.2.2 -Release: 3 +Release: 4 Summary: A Python-based ecosystem of open-source software for mathematics, science, and engineering License: BSD, MIT, Boost and Public Domain URL: https://www.scipy.org Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{version}.tar.gz +Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch +Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch + BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py #BuildRequires: python3-pytest %if %{with python2} @@ -131,6 +134,12 @@ env FFLAGS="$RPM_OPT_FLAGS -fPIC" \ %endif %changelog +* Thu Jul 13 2023 Wenyu Liu - 1.2.2-4 +- Fix CVE-2023-25399 + +* Tue Aug 18 2020 fanjiachen - 1.2.2-3 +- add release for update + * Mon Mar 23 2020 openEuler Buildteam - 1.2.2-2 - Add macros of python2 -- Gitee From 272b6ca9e7f37f683e77018862a14ff9df3ee689 Mon Sep 17 00:00:00 2001 
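Review bot: In the `scipy.spec` hunk at `@@ -3,12 +3,15 @@`, the new `Patch1:` and `Patch2:` tags only declare the patches; no visible hunk touches `%prep`, so whether they are applied depends on lines outside this diff. If `%prep` uses plain `%setup` rather than `%autosetup -p1` or explicit `%patch1 -p1` / `%patch2 -p1` lines, the package builds with a changelog entry claiming the CVE-2023-25399 fix while shipping an unpatched `nd_image.c`. Please confirm that `%prep` applies them, and check the build log for the patch-application lines before treating the CVE as closed.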
From: xuyuchao Date: Fri, 22 Dec 2023 18:10:56 +0800 Subject: [PATCH 3/4] * Fri Dec 22 2023 xuyuchao - 1.6.2 - Type:CVE - CVE:CVE-2023-29824 - DESC:fix CVE-2023-29824 --- backport-CVE-2023-29824.patch | 24 ++++++++++++++++++++++++ scipy.spec | 8 +++++++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2023-29824.patch diff --git a/backport-CVE-2023-29824.patch b/backport-CVE-2023-29824.patch new file mode 100644 index 0000000..1bc41c9 --- /dev/null +++ b/backport-CVE-2023-29824.patch @@ -0,0 +1,24 @@ +From 2ecef38c8629e9a27613e646c4f01b5c0a0a566f Mon Sep 17 00:00:00 2001 +From: Py_FindObjects +Date: Tue, 28 Nov 2023 17:33:35 +0800 +Subject: [PATCH] MAINT: Fix use-after-free bug in Py_FindObject + +--- + scipy/ndimage/src/nd_image.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/scipy/ndimage/src/nd_image.c b/scipy/ndimage/src/nd_image.c +index 9f3aed3..d9fcc57 100644 +--- a/scipy/ndimage/src/nd_image.c ++++ b/scipy/ndimage/src/nd_image.c +@@ -928,7 +928,6 @@ static PyObject *Py_FindObjects(PyObject *obj, PyObject *args) + Py_XDECREF(slc); + free(regions); + if (PyErr_Occurred()) { +- Py_XDECREF(result); + return NULL; + } else { + return result; +-- +2.27.0 + \ No newline at end of file diff --git a/scipy.spec b/scipy.spec index b28fe41..e381148 100644 --- a/scipy.spec +++ b/scipy.spec @@ -3,7 +3,7 @@ Name: scipy Version: 1.2.2 -Release: 4 +Release: 5 Summary: A Python-based ecosystem of open-source software for mathematics, science, and engineering License: BSD, MIT, Boost and Public Domain URL: https://www.scipy.org @@ -11,6 +11,7 @@ Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{ve Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch +Patch3: backport-CVE-2023-29824.patch BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py #BuildRequires: python3-pytest 
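Review bot: The new `backport-CVE-2023-29824.patch` carries no upstream reference: its `From:` field reads `Py_FindObjects` instead of an author, and unlike the two earlier backports it has no `Reference:` or `Conflict:` line, so the fix cannot be traced to an upstream commit. Add a header line such as `Reference: <upstream commit or PR URL>`. On the change itself, dropping `Py_XDECREF(result);` from the `PyErr_Occurred()` branch is correct only if `result` is already released earlier in the cleanup block, which starts above the quoted context; if it is not, the error path now leaks the list instead of double-releasing it. The patch file also ends without a trailing newline.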
@@ -134,6 +135,11 @@ env FFLAGS="$RPM_OPT_FLAGS -fPIC" \ %endif %changelog +* Fri Dec 22 2023 xuyuchao - 1.2.2-5 +- Type:CVE +- CVE:CVE-2023-29824 +- DESC:fix CVE-2023-29824 + * Thu Jul 13 2023 Wenyu Liu - 1.2.2-4 - Fix CVE-2023-25399 -- Gitee From 5a6a21aae75eaf89625c73edda1b5903ce86470b Mon Sep 17 00:00:00 2001 From: maokecheng Date: Tue, 26 Dec 2023 14:25:48 +0800 Subject: [PATCH 4/4] * Tue Dec 26 2023 maokecheng - 1.2.2-6 - Reference:https://github.com/scipy/scipy/commit/e8b57a3730bca08ec75c09ae8a6c9b443c7bf9f4 - DESC:dummy commit to investigate #10303 on CI --- ...y-commit-to-investigate-#10303-on-CI.patch | 24 +++++++++++++++++++ scipy.spec | 7 ++++-- 2 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI.patch diff --git a/backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI.patch b/backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI.patch new file mode 100644 index 0000000..0b6546f --- /dev/null +++ b/backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI.patch @@ -0,0 +1,24 @@ +From b1fde70ea31bc1e015f0a929453ac757c83f23d7 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 26 Dec 2023 11:42:35 +0800 +Subject: [PATCH] BUG: optimize: dummy commit to investigate + +--- + scipy/optimize/_linprog_simplex.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/scipy/optimize/_linprog_simplex.py b/scipy/optimize/_linprog_simplex.py +index 41e3b3f..f2f8cb9 100755 +--- a/scipy/optimize/_linprog_simplex.py ++++ b/scipy/optimize/_linprog_simplex.py +@@ -63,6 +63,7 @@ def _pivot_col(T, tol=1.0E-12, bland=False): + if ma.count() == 0: + return False, np.nan + if bland: ++ # ma.mask is sometimes 0d + return True, np.nonzero(ma.mask == False)[0][0] + return True, np.ma.nonzero(ma == ma.min())[0][0] + +-- +2.33.0 + diff --git a/scipy.spec b/scipy.spec index e381148..2dee847 100644 --- a/scipy.spec +++ b/scipy.spec 
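Review bot: The only line this backport adds to `_pivot_col` is the comment `# ma.mask is sometimes 0d`; the `return` below it is unchanged context, so the 0-d mask case the comment describes is still handled exactly as before. If the intent is to carry a fix for that case rather than a CI probe, the indexing line has to change as well, for example `return True, np.nonzero(np.logical_not(np.atleast_1d(ma.mask)))[0][0]`, and that should be checked against the upstream commit named in the commit message. As it stands the patch has no runtime effect, yet it is labelled `BUG` and bumps the release, which makes the package history misleading for anyone auditing which fixes are really present.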
@@ -3,7 +3,7 @@ Name: scipy Version: 1.2.2 -Release: 5 +Release: 6 Summary: A Python-based ecosystem of open-source software for mathematics, science, and engineering License: BSD, MIT, Boost and Public Domain URL: https://www.scipy.org @@ -12,7 +12,7 @@ Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{ve Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch Patch3: backport-CVE-2023-29824.patch - +Patch4: backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py #BuildRequires: python3-pytest %if %{with python2} @@ -135,6 +135,9 @@ env FFLAGS="$RPM_OPT_FLAGS -fPIC" \ %endif %changelog +* Tue Dec 26 2023 maokecheng - 1.2.2-6 +- DESC:dummy commit to investigate #10303 on CI + * Fri Dec 22 2023 xuyuchao - 1.2.2-5 - Type:CVE - CVE:CVE-2023-29824 -- Gitee
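Review bot: In the `@@ -12,7 +12,7 @@` hunk, `Patch4:` names `backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI` without the `.patch` suffix, while the file this commit adds is `backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI.patch`, so the spec points at a file the commit does not provide. The line should read `Patch4: backport-BUG-optimize-dummy-commit-to-investigate-#10303-on-CI.patch`. The same hunk replaces the blank line that separated the `Patch` tags from `BuildRequires:`; keeping an empty line after `Patch4:` preserves the layout. The `#` in the file name is easy to mishandle in shell commands and URLs, so renaming the patch without it is worth considering.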