Revision bump: add patch for CVE-2014-4616, bug #514686. Drop old revisions. Acked by Python team

(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0x1F357D42)
author: Sergey Popov <pinkbyte@gentoo.org> 2014-07-29 07:19:13 +0000
committer: Sergey Popov <pinkbyte@gentoo.org> 2014-07-29 07:19:13 +0000
commit: 815a977afbf1c014f3c77aca7f64b29bcb8fc1ad (patch)
tree: b892b9f76ed56a184d5f68f1aa1dc243515a7307 /dev-lang
parent: Bump (diff)
download: gentoo-2-815a977afbf1c014f3c77aca7f64b29bcb8fc1ad.tar.gz
gentoo-2-815a977afbf1c014f3c77aca7f64b29bcb8fc1ad.tar.bz2
gentoo-2-815a977afbf1c014f3c77aca7f64b29bcb8fc1ad.zip
5 files changed, 109 insertions, 3 deletions
diff --git a/dev-lang/python/ChangeLog b/dev-lang/python/ChangeLog
index b7a7c69cb76c..662a4034477a 100644
--- a/dev-lang/python/ChangeLog
+++ b/dev-lang/python/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for dev-lang/python
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/ChangeLog,v 1.764 2014/07/18 13:48:30 klausman Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/ChangeLog,v 1.765 2014/07/29 07:19:13 pinkbyte Exp $
+
+*python-3.3.5-r1 (29 Jul 2014)
+*python-3.2.5-r5 (29 Jul 2014)
+
+  29 Jul 2014; Sergey Popov <pinkbyte@gentoo.org> -python-3.2.5-r4.ebuild,
+  +python-3.2.5-r5.ebuild, -python-3.3.5.ebuild, +python-3.3.5-r1.ebuild,
+  +files/python-3.2-CVE-2014-4616.patch, +files/python-3.3-CVE-2014-4616.patch:
+  Revision bump: add patch for CVE-2014-4616, bug #514686. Drop old revisions.
+  Acked by Python team
 
   18 Jul 2014; Tobias Klausmann <klausman@gentoo.org> python-2.7.6.ebuild:
   Stable on alpha, bug #504742
diff --git a/dev-lang/python/files/python-3.2-CVE-2014-4616.patch b/dev-lang/python/files/python-3.2-CVE-2014-4616.patch
new file mode 100644
index 000000000000..5b0a397487c0
--- /dev/null
+++ b/dev-lang/python/files/python-3.2-CVE-2014-4616.patch
@@ -0,0 +1,39 @@
+# HG changeset patch
+# User Benjamin Peterson <benjamin@python.org>
+# Date 1397441438 14400
+# Node ID 50c07ed1743da9cd4540d83de0c30bd17aeb41b0
+# Parent  218e28a935ab4494d05215c243e2129625a71893
+in scan_once, prevent the reading of arbitrary memory when passed a negative index
+
+Bug reported by Guido Vranken.
+
+Index: Python-3.2.5/Lib/json/tests/test_decode.py
+===================================================================
+--- Python-3.2.5.orig/Lib/test/json_tests/test_decode.py	2014-06-26 18:40:10.825269130 +0200
++++ Python-3.2.5/Lib/test/json_tests/test_decode.py	2014-06-26 18:40:21.962323035 +0200
+@@ -60,5 +60,9 @@
+         msg = 'escape'
+         self.assertRaisesRegexp(ValueError, msg, self.loads, s)
+ 
++    def test_negative_index(self):
++        d = self.json.JSONDecoder()
++        self.assertRaises(ValueError, d.raw_decode, 'a'*42, -50000)
++
+ class TestPyDecode(TestDecode, PyTest): pass
+ class TestCDecode(TestDecode, CTest): pass
+Index: Python-3.2.5/Modules/_json.c
+===================================================================
+--- a/Modules/_json.c
++++ b/Modules/_json.c
+@@ -930,7 +930,10 @@ scan_once_unicode(PyScannerObject *s, Py
+     PyObject *res;
+     Py_UNICODE *str = PyUnicode_AS_UNICODE(pystr);
+     Py_ssize_t length = PyUnicode_GET_SIZE(pystr);
+-    if (idx >= length) {
++    if (idx < 0)
++        /* Compatibility with Python version. */
++        idx += length;
++    if (idx < 0 || idx >= length) {
+         PyErr_SetNone(PyExc_StopIteration);
+         return NULL;
+     }
diff --git a/dev-lang/python/files/python-3.3-CVE-2014-4616.patch b/dev-lang/python/files/python-3.3-CVE-2014-4616.patch
new file mode 100644
index 000000000000..c67b2e5feedc
--- /dev/null
+++ b/dev-lang/python/files/python-3.3-CVE-2014-4616.patch
@@ -0,0 +1,52 @@
+# HG changeset patch
+# User Benjamin Peterson <benjamin@python.org>
+# Date 1397441438 14400
+# Node ID 50c07ed1743da9cd4540d83de0c30bd17aeb41b0
+# Parent  218e28a935ab4494d05215c243e2129625a71893
+in scan_once, prevent the reading of arbitrary memory when passed a negative index
+
+Bug reported by Guido Vranken.
+
+Index: Python-3.3.5/Lib/json/tests/test_decode.py
+===================================================================
+--- Python-3.3.5.orig/Lib/test/test_json/test_decode.py	2014-06-26 18:40:10.825269130 +0200
++++ Python-3.3.5/Lib/test/test_json/test_decode.py	2014-06-26 18:40:21.962323035 +0200
+@@ -60,5 +60,10 @@
+         msg = 'escape'
+         self.assertRaisesRegexp(ValueError, msg, self.loads, s)
+ 
++    def test_negative_index(self):
++        d = self.json.JSONDecoder()
++        self.assertRaises(ValueError, d.raw_decode, 'a'*42, -50000)
++        self.assertRaises(ValueError, d.raw_decode, u'a'*42, -50000)
++
+ class TestPyDecode(TestDecode, PyTest): pass
+ class TestCDecode(TestDecode, CTest): pass
+Index: Python-3.3.5/Misc/ACKS
+===================================================================
+--- Python-3.3.5.orig/Misc/ACKS	2014-06-26 18:40:10.826269135 +0200
++++ Python-3.3.5/Misc/ACKS	2014-06-26 18:40:21.962323035 +0200
+@@ -1085,6 +1085,7 @@
+ Frank Visser
+ Johannes Vogel
+ Alex Volkov
++Guido Vranken
+ Martijn Vries
+ Niki W. Waibel
+ Wojtek Walczak
+Index: Python-3.3.5/Modules/_json.c
+===================================================================
+--- a/Modules/_json.c
++++ b/Modules/_json.c
+@@ -975,7 +975,10 @@ scan_once_unicode(PyScannerObject *s, Py
+     kind = PyUnicode_KIND(pystr);
+     length = PyUnicode_GET_LENGTH(pystr);
+ 
+-    if (idx >= length) {
++    if (idx < 0)
++        /* Compatibility with Python version. */
++        idx += length;
++    if (idx < 0 || idx >= length) {
+         PyErr_SetNone(PyExc_StopIteration);
+         return NULL;
+     }
diff --git a/dev-lang/python/python-3.2.5-r4.ebuild b/dev-lang/python/python-3.2.5-r5.ebuild
index 71bb9cb869ce..68cee4a007da 100644
--- a/dev-lang/python/python-3.2.5-r4.ebuild
+++ b/dev-lang/python/python-3.2.5-r5.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/python-3.2.5-r4.ebuild,v 1.1 2014/05/10 01:44:50 floppym Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/python-3.2.5-r5.ebuild,v 1.1 2014/07/29 07:19:13 pinkbyte Exp $
 
 EAPI="4"
 WANT_AUTOMAKE="none"
@@ -96,6 +96,9 @@ src_prepare() {
 	# Disable ABI flags.
 	sed -e "s/ABIFLAGS=\"\${ABIFLAGS}.*\"/:/" -i configure.ac || die "sed failed"
 
+	# bug #514686
+	epatch "${FILESDIR}/${PN}-3.2-CVE-2014-4616.patch"
+
 	epatch_user
 
 	eautoconf
diff --git a/dev-lang/python/python-3.3.5.ebuild b/dev-lang/python/python-3.3.5-r1.ebuild
index c37baafbfc03..2ac3ea224f95 100644
--- a/dev-lang/python/python-3.3.5.ebuild
+++ b/dev-lang/python/python-3.3.5-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/python-3.3.5.ebuild,v 1.2 2014/05/10 01:44:50 floppym Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/python-3.3.5-r1.ebuild,v 1.1 2014/07/29 07:19:13 pinkbyte Exp $
 
 EAPI="4"
 WANT_AUTOMAKE="none"
@@ -86,6 +86,9 @@ src_prepare() {
 	# Disable ABI flags.
 	sed -e "s/ABIFLAGS=\"\${ABIFLAGS}.*\"/:/" -i configure.ac || die "sed failed"
 
+	# bug #514686
+	epatch "${FILESDIR}/${PN}-3.3-CVE-2014-4616.patch"
+
 	epatch_user
 
 	eautoconf
author	Sergey Popov <pinkbyte@gentoo.org>	2014-07-29 07:19:13 +0000
committer	Sergey Popov <pinkbyte@gentoo.org>	2014-07-29 07:19:13 +0000
commit	815a977afbf1c014f3c77aca7f64b29bcb8fc1ad (patch)
tree	b892b9f76ed56a184d5f68f1aa1dc243515a7307 /dev-lang
parent	Bump (diff)
download	gentoo-2-815a977afbf1c014f3c77aca7f64b29bcb8fc1ad.tar.gz gentoo-2-815a977afbf1c014f3c77aca7f64b29bcb8fc1ad.tar.bz2 gentoo-2-815a977afbf1c014f3c77aca7f64b29bcb8fc1ad.zip