Bug 1213463

Summary: python310 unreproducible pyc part2
Product: [openSUSE] openSUSE Tumbleweed Reporter: Bernhard Wiedemann <bwiedemann>
Component: OtherAssignee: Matej Cepl <mcepl>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: mcepl
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard:
Found By: Development Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1081754    

Description Bernhard Wiedemann 2023-07-19 09:20:12 UTC 
After bug 1211765 was fixed, there were still issues with 1-byte-changes
in python310's .pyc files.

Please cherry-pick this fixing commit from 3.11 into 3.10:

commit 6dcfd6c5e3cb46543e82dc3f7234546adf4bb04a
Author: Inada Naoki <songofacandy@gmail.com>
Date:   Wed May 4 10:01:15 2022 +0900

    gh-78214: marshal: Stabilize FLAG_REF usage (GH-8226)

    Use FLAG_REF always for interned strings.

    Refcounts of interned string is very unstable.
    When compiling same source, refcounts of interned string in the output may be 1 or >1.
    It makes FLAG_REF usage unstable.

    To help reproducible build, use FLAG_REF for interned string even if refcnt(obj)==1.
Comment 1 OBSbugzilla Bot 2023-07-19 12:55:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1213463) was mentioned in
https://build.opensuse.org/request/show/1099501 Factory / python310
Comment 2 OBSbugzilla Bot 2023-07-26 15:35:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1213463) was mentioned in
https://build.opensuse.org/request/show/1100886 Factory / python39
Comment 8 Maintenance Automation 2023-09-20 16:30:01 UTC 
SUSE-SU-2023:3708-1: An update that solves one vulnerability and has two security fixes can now be installed.

Category: security (important)
Bug References: 1211765, 1213463, 1214692
CVE References: CVE-2023-40217
Sources used:
openSUSE Leap 15.4 (src): python39-documentation-3.9.18-150300.4.33.1, python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
openSUSE Leap 15.5 (src): python39-documentation-3.9.18-150300.4.33.1, python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Manager Proxy 4.2 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Manager Retail Branch Server 4.2 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Manager Server 4.2 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1
SUSE Enterprise Storage 7.1 (src): python39-3.9.18-150300.4.33.1, python39-core-3.9.18-150300.4.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Maintenance Automation 2023-09-27 20:31:20 UTC 
SUSE-SU-2023:3824-1: An update that solves one vulnerability and has one security fix can now be installed.

Category: security (important)
Bug References: 1213463, 1214692
CVE References: CVE-2023-40217
Sources used:
openSUSE Leap 15.4 (src): python310-core-3.10.13-150400.4.33.1, python310-3.10.13-150400.4.33.1, python310-documentation-3.10.13-150400.4.33.1
openSUSE Leap 15.5 (src): python310-core-3.10.13-150400.4.33.1, python310-3.10.13-150400.4.33.1, python310-documentation-3.10.13-150400.4.33.1
Python 3 Module 15-SP4 (src): python310-core-3.10.13-150400.4.33.1, python310-3.10.13-150400.4.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Matej Cepl 2024-03-07 06:09:50 UTC 
Done long ago.