CentOS7 の Python 2.7.5
CentOS7 内の Python のバージョンは 2.7.5 です。が、Python の公式ページの 2.7.5 のソースからビルドして出来上がるものとはちょっと違っていて、複数のパッチが当たってます。これは、Python に限りませんが、バージョン番号に続くリリース番号によって区別できます。
CentOS7.0 リリースの時点ですでにパッチが当たっているらしいことが分かります。
そこで、各リリースごとにどのようなパッチが当たっているのかを調べてみました。各ソース rpm の中の python.spec を元に比較してみると、次のような感じになりました。リリースが進むごとにパッチが増えているのが分かると思います。
$ python --version 2.7.5 $ $ yum info python (略) 名前 : python アーキテクチャー : x86_64 バージョン : 2.7.5 リリース : 76.el7 (略)そのリリース番号(.el7 は省略)は、次のように変遷しています。
| CentOS | python-2.7.5-(リリース番号) |
|---|---|
| 7.0-1406 | 16 |
| 7.1-1503 | 16, 18 |
| 7.2-1511 | 34, 38, 39 |
| 7.3-1611 | 48 |
| 7.4-1708 | 58 |
| 7.5-1804 | 68, 69 |
| 7.6-1810 | 76 |
ReleaseNum Patch name
--+--+--+--+--+--+--+--+--+--+--------------------------------------------------------------------------------
16 18 34 38 39 48 58 68 69 76 00001-pydocnogui.patch
16 18 34 38 39 48 58 68 69 76 python-2.5-cflags.patch
16 18 34 38 39 48 58 68 69 76 python-2.5.1-plural-fix.patch
16 18 34 38 39 48 58 68 69 76 python-2.5.1-sqlite-encoding.patch
16 18 34 38 39 48 58 68 69 76 python-2.7rc1-binutils-no-dep.patch
16 18 34 38 39 48 58 68 69 76 python-2.7rc1-socketmodule-constants.patch
16 18 34 38 39 48 58 68 69 76 python-2.7rc1-socketmodule-constants2.patch
16 18 34 38 39 48 58 68 69 76 python-2.6-rpath.patch
16 18 34 38 39 48 58 68 69 76 python-2.6.4-distutils-rpath.patch
16 18 34 38 39 48 58 68 69 76 00055-systemtap.patch
16 18 34 38 39 48 58 68 69 76 python-2.7.3-lib64.patch
16 18 34 38 39 48 58 68 69 76 python-2.7-lib64-sysconfig.patch
16 18 34 38 39 48 58 68 69 76 00104-lib64-fix-for-test_install.patch
16 18 34 38 39 48 58 68 69 76 00111-no-static-lib.patch
16 18 34 38 39 48 58 68 69 76 python-2.7.3-debug-build.patch
16 18 34 38 39 48 58 68 69 76 00113-more-configuration-flags.patch
16 18 34 38 39 48 58 68 69 76 00114-statvfs-f_flag-constants.patch
16 18 34 38 39 48 58 68 69 76 00121-add-Modules-to-build-path.patch
16 18 34 38 39 48 58 68 69 76 00125-less-verbose-COUNT_ALLOCS.patch
16 18 34 38 39 48 58 68 69 76 python-2.7.1-fix_test_abc_with_COUNT_ALLOCS.patch
16 18 34 38 39 48 58 68 69 76 python-2.7.2-add-extension-suffix-to-python-config.patch
16 18 34 38 39 48 58 68 69 76 00131-disable-tests-in-test_io.patch
16 18 34 38 39 48 58 68 69 76 00132-add-rpmbuild-hooks-to-unittest.patch
16 18 34 38 39 48 58 68 69 76 00133-skip-test_dl.patch
16 18 34 38 39 48 58 68 69 76 00134-fix-COUNT_ALLOCS-failure-in-test_sys.patch
16 18 34 38 39 48 58 68 69 76 00135-skip-test-within-test_weakref-in-debug-build.patch
16 18 34 38 39 48 58 68 69 76 00136-skip-tests-of-seeking-stdin-in-rpmbuild.patch
16 18 34 38 39 48 58 68 69 76 00137-skip-distutils-tests-that-fail-in-rpmbuild.patch
16 18 34 38 39 48 58 68 69 76 00138-fix-distutils-tests-in-debug-build.patch
16 18 34 38 39 48 58 68 69 76 00139-skip-test_float-known-failure-on-arm.patch
16 18 34 38 39 48 58 68 69 76 00140-skip-test_ctypes-known-failure-on-sparc.patch
16 18 34 38 39 48 58 68 69 76 00141-fix-test_gc_with_COUNT_ALLOCS.patch
16 18 34 38 39 48 58 68 69 76 00142-skip-failing-pty-tests-in-rpmbuild.patch
16 18 34 38 39 48 58 68 69 76 00143-tsc-on-ppc.patch
16 18 34 38 39 48 58 68 69 76 00144-no-gdbm.patch
16 18 34 38 39 48 58 68 69 76 00146-hashlib-fips.patch
16 18 34 38 39 48 58 68 69 76 00147-add-debug-malloc-stats.patch
16 18 34 38 39 48 58 68 69 76 00153-fix-test_gdb-noise.patch
16 18 34 38 39 48 58 68 69 76 00155-avoid-ctypes-thunks.patch
16 18 34 38 39 48 58 68 69 76 00156-gdb-autoload-safepath.patch
16 18 34 38 39 48 58 68 69 76 00157-uid-gid-overflows.patch
16 18 34 38 39 48 58 68 69 76 00165-crypt-module-salt-backport.patch
16 18 34 38 39 48 58 68 69 76 00166-fix-fake-repr-in-gdb-hooks.patch
16 18 34 38 39 48 58 68 69 76 00167-disable-stack-navigation-tests-when-optimized-in-test_gdb.patch
16 18 34 38 39 48 58 68 69 76 00168-distutils-cflags.patch
16 18 34 38 39 48 58 68 69 76 00169-avoid-implicit-usage-of-md5-in-multiprocessing.patch
16 18 34 38 39 48 58 68 69 76 00170-gc-assertions.patch
16 18 34 38 39 48 58 68 69 76 00173-workaround-ENOPROTOOPT-in-bind_port.patch
16 18 34 38 39 48 58 68 69 76 00174-fix-for-usr-move.patch
16 18 34 38 39 48 58 68 69 76 00180-python-add-support-for-ppc64p7.patch
16 18 34 38 39 48 58 68 69 76 00181-allow-arbitrary-timeout-in-condition-wait.patch
16 18 34 38 39 48 58 68 69 76 00184-ctypes-should-build-with-libffi-multilib-wrapper.patch
16 18 34 38 39 48 58 68 69 76 00185-urllib2-honors-noproxy-for-ftp.patch
16 18 34 38 39 48 58 68 69 76 00186-memory-leak-marshalc.patch
16 18 34 38 39 48 58 68 69 76 00187-add-RPATH-to-pyexpat.patch
16 18 34 38 39 48 58 68 69 76 00188-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
16 18 34 38 39 48 58 68 69 76 00189-gdb-py-bt-dont-raise-exception-from-eval.patch
16 18 34 38 39 48 58 68 69 76 00190-gdb-fix-ppc64-failures.patch
16 18 34 38 39 48 58 68 69 76 00191-add-RPATH-to-elementtree.patch
16 18 34 38 39 48 58 68 69 76 00192-Fix-missing-documentation-for-some-keywords.patch
16 18 34 38 39 48 58 68 69 76 00193-buffer-overflow.patch
18 34 38 39 48 58 68 69 76 00194-gdb-dont-fail-on-frame-with-address.patch
18 34 38 39 48 58 68 69 76 00195-make-multiproc-ignore-EINTR.patch
34 38 39 48 58 68 69 76 00196-avoid-double-close-of-pipes.patch
34 38 39 48 58 68 69 76 00197-add-missing-import-in-bdist_rpm.patch
34 38 39 48 58 68 69 76 00198-fix-readline-erroneous-output.patch
34 38 39 48 58 68 69 76 00199-CVE-2013-1753.patch
34 38 39 48 58 68 69 76 00200-CVE-2014-4616.patch
34 38 39 48 58 68 69 76 00201-CVE-2014-4650.patch
34 38 39 48 58 68 69 76 00202-CVE-2014-7185.patch
34 38 39 48 58 68 69 76 00203-CVE-2013-1752-nntplib.patch
34 38 39 48 58 68 69 76 00204-CVE-2013-1752-ftplib.patch
34 38 39 48 58 68 69 76 00205-CVE-2013-1752-httplib-headers.patch
34 38 39 48 58 68 69 76 00206-CVE-2013-1752-poplib.patch
34 38 39 48 58 68 69 76 00207-CVE-2013-1752-smtplib.patch
34 38 39 48 58 68 69 76 00208-CVE-2013-1752-imaplib.patch
34 38 39 48 58 68 69 76 00209-pep466-backport-hmac.compare_digest.patch
34 38 39 48 58 68 69 76 00210-pep466-backport-hashlib.pbkdf2_hmac.patch
34 38 39 48 58 68 69 76 00211-pep466-UTF-7-decoder-fix-illegal-unicode.patch
34 38 39 48 58 68 69 76 00212-pep466-pyunicode_fromformat-raise-overflow.patch
34 38 39 48 58 68 69 76 00213-pep466-pyunicode_fromformat-fix-formats.patch
34 38 39 48 58 68 69 76 00214-pep466-backport-py3-ssl-changes.patch
34 38 39 48 58 68 69 76 00215-pep466-reflect-openssl-settings-ssltests.patch
34 38 39 48 58 68 69 76 00216-pep466-fix-load-verify-locs-unicode.patch
34 38 39 48 58 68 69 76 00217-pep466-backport-hashlib-algorithm-consts.patch
34 38 39 48 58 68 69 76 00218-pep466-backport-urandom-pers-fd.patch
34 38 39 48 58 68 69 76 00219-pep466-fix-referenced-sslwrap.patch
34 38 39 48 58 68 69 76 00220-pep466-allow-passing-ssl-urrlib-httplib.patch
34 38 39 00221-pep466-backport-sslwrap-c-ssl.patch
34 38 39 48 58 68 69 76 00222-add-2014-bit-dh-key.patch
34 38 39 48 58 68 69 76 00223-pep476-verify-certs-by-default.patch
34 38 39 48 58 68 69 76 00224-pep476-add-toggle-for-cert-verify.patch
34 38 39 48 58 68 69 76 00225-cprofile-sort-option.patch
34 38 39 48 58 68 69 76 00227-accept-none-keyfile-loadcertchain.patch
34 38 39 48 58 68 69 76 00228-backport-ssl-version.patch
38 39 48 58 68 69 76 00229-Expect-a-failure-when-trying-to-connect-with-SSLv2-c.patch
38 39 48 58 68 69 76 00230-force-all-child-threads-to-terminate-in-TestForkInThread.patch
39 48 58 68 69 76 00231-Initialize-OpenSSL_add_all_digests-in-_hashlib.patch
48 58 68 69 76 00232-man-page-date-macro-removal.patch
48 58 68 69 76 00233-Computed-Goto-dispatch.patch
48 58 68 69 76 00234-PEP493-updated-implementation.patch
48 58 68 69 76 00235-JSON-decoder-lone-surrogates-fix.patch
48 58 68 69 76 00236-use-Py_ssize_t-for-file-offset-and-length-computations-in-iteration.patch
38 39 48 58 68 69 76 00237-CVE-2016-0772-smtplib.patch
38 39 48 58 68 69 76 00238-CVE-2016-5699-httplib.patch
68 69 76 00240-increase-smtplib-tests-timeouts.patch
48 58 68 69 76 00241-CVE-2016-5636-buffer-overflow-in-zipimport-module-fix.patch
38 39 48 58 68 69 76 00242-CVE-2016-1000110-httpoxy.patch
58 68 69 76 00255-Fix-ssl-module-parsing-of-GEN_RID-subject-alternative-name-fields-in-X.509-certs.patch
58 68 69 76 00256-fix-incorrect-parsing-of-regular-expressions.patch
58 68 69 76 00257-threading-wait-clamp-remaining-time.patch
58 68 69 76 00263-fix-ssl-reference-leaks.patch
58 68 69 76 00265-protect-key-list-during-fork.patch
58 68 69 76 00266-fix-shutil.make_archive-ignoring-empty-dirs.patch
58 68 69 76 00268-set-stream-name-to-None.patch
68 69 76 00275-fix-fnctl-with-integer-on-big-endian.patch
68 69 76 00276-increase-imaplib-MAXLINE.patch
68 69 76 00281-add-context-parameter-to-xmlrpclib.ServerProxy.patch
68 69 76 00282-obmalloc-mmap-threshold.patch
76 00285-fix-non-deterministic-read-in-test_pty.patch
68 69 76 00287-fix-thread-hanging-on-inaccessible-nfs-server.patch
68 69 76 00295-fix-https-behind-proxy.patch
68 69 76 00296-Readd-the-private-_set_hostport-api-to-httplib.patch
76 00298-do-not-send-IP-in-SNI-TLS-extension.patch
76 00299-fix-ssl-module-pymax.patch
76 00303-CVE-2018-1060-1.patch
69 76 00305-CVE-2016-2183.patch
76 00306-fix-oserror-17-upon-semaphores-creation.patch
最新版の python.spec の内容はココにあります。
ちなみに rpm は次のようにして展開してます。この中の$ wget http://vault.centos.org/7.2.1511/os/Source/SPackages/python-2.7.5-34.el7.src.rpm $ mkdir python-2.7.5-34.el7 $ cd python-2.7.5-34.el7 $ rpm2cpio ../python-2.7.5-34.el7.src.rpm | cpio -idv
34 以降のリリースより、00198-fix-readline-erroneous-output.patch が適用されています。これが前回の記事の import readline 時にゴミが表示される問題に対するパッチになります。
公式 Python ではこのパッチは 2.7.9 (2014-12-10) より適用されるのですが、CentOS7 の Python では 2.7.5 のまま、リリース番号 34 (2015-12-14) より適用されている、ということになります。