Remove 0026-py310-mailcap-CVE-2015-20107.patch because that same fix was merged in upstream on Sep 20 (see commit). I believe this is the right thing to do because of the following timeline:
Sep 6, 2022: Upstream Python 3.10.7 was released (does not contain a fix for the mailcap vulnerability).
Oct 5, 2022: Anaconda added a patch (same as what the upstream merged in on Sep 20) for the mailcap vulnerability, and rebuilt 3.10.6 with a build number of 1.
Updates:
v3.10.6
tov3.10.8
.0026-py310-mailcap-CVE-2015-20107.patch
because that same fix was merged in upstream on Sep 20 (see commit). I believe this is the right thing to do because of the following timeline:3.10.7
was released (does not contain a fix for the mailcap vulnerability).3.10.6
with a build number of1
.3.10.8
was released (does contain the fix for the mailcap vulnerability).