diff options
| author |   Ian Delaney <idella4@gentoo.org> | 2013-07-12 09:57:51 +0000 |
|---|---|---|
| committer | Ian Delaney <idella4@gentoo.org> | 2013-07-12 09:57:51 +0000 |
| commit | 9cd3b25e9abb823db6d71c30c5615d4cd6a9cc7a (patch) | |
| tree | 37f7a73d11ec93d83b2a8de656a31dd4989bf8d8 /dev-python | |
| parent | Enable the system-libs patch. (diff) | |
| download | gentoo-2-9cd3b25e9abb823db6d71c30c5615d4cd6a9cc7a.tar.gz gentoo-2-9cd3b25e9abb823db6d71c30c5615d4cd6a9cc7a.tar.bz2 gentoo-2-9cd3b25e9abb823db6d71c30c5615d4cd6a9cc7a.zip | |
dev-python/elixir purged, lastrited in Bug 472496
Diffstat (limited to 'dev-python')
| -rw-r--r-- | dev-python/elixir/ChangeLog | 44 | ||||
| -rw-r--r-- | dev-python/elixir/Manifest | 15 | ||||
| -rw-r--r-- | dev-python/elixir/elixir-0.7.1-r1.ebuild | 55 | ||||
| -rw-r--r-- | dev-python/elixir/files/elixir-0.7.1-CVE-2012-2146-aes.patch | 85 | ||||
| -rw-r--r-- | dev-python/elixir/metadata.xml | 8 |
5 files changed, 0 insertions, 207 deletions
diff --git a/dev-python/elixir/ChangeLog b/dev-python/elixir/ChangeLog deleted file mode 100644 index be3bed9536b0..000000000000 --- a/dev-python/elixir/ChangeLog +++ /dev/null @@ -1,44 +0,0 @@ -# ChangeLog for dev-python/elixir -# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-python/elixir/ChangeLog,v 1.9 2013/05/04 21:20:52 floppym Exp $ - - 04 May 2013; Mike Gilbert <floppym@gentoo.org> elixir-0.7.1-r1.ebuild: - Drop dependency on dev-python/elementtree. - - 16 Nov 2012; Ian Delaney <idella4@gentoo.org> -elixir-0.7.1.ebuild: - dropped 0.7.1 wrt Bug #434576 - -*elixir-0.7.1-r1 (11 Nov 2012) - - 11 Nov 2012; Ian Delaney <idella4@gentoo.org> +elixir-0.7.1-r1.ebuild, - +files/elixir-0.7.1-CVE-2012-2146-aes.patch: - revbumped with security patch CVE-2012-2146 added to files wrt Bug #434576 - -*elixir-0.7.1 (21 Dec 2009) - - 21 Dec 2009; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> - +elixir-0.7.1.ebuild: - Version bump. Set SUPPORT_PYTHON_ABIS. - -*elixir-0.6.1 (30 Sep 2008) - - 30 Sep 2008; Jesus Rivero <neurogeek@gentoo.org> -elixir-0.3.0.ebuild, - +elixir-0.6.1.ebuild: - Version bump. Removed older version - - 17 Jul 2008; Ali Polatel <hawking@gentoo.org> elixir-0.5.2.ebuild: - Update sqlalchemy dependency, #232073 - - 05 May 2008; Rob Cakebread <pythonhead@gentoo.org> elixir-0.5.2.ebuild: - Added distutils cmd for pudge. bug #220387 - -*elixir-0.5.2 (05 Apr 2008) - - 05 Apr 2008; Ali Polatel <hawking@gentoo.org> +elixir-0.5.2.ebuild: - Version bump. - -*elixir-0.3.0 (31 Jul 2007) - - 31 Jul 2007; Tiziano Müller <dev-zero@gentoo.org> +metadata.xml, - +elixir-0.3.0.ebuild: - Initial ebuild diff --git a/dev-python/elixir/Manifest b/dev-python/elixir/Manifest deleted file mode 100644 index b95c8d083065..000000000000 --- a/dev-python/elixir/Manifest +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - -AUX elixir-0.7.1-CVE-2012-2146-aes.patch 2926 SHA256 f5a089b91533238b871e0217ccfedaf8a3543d3fa2b19409a1c28799a8661912 SHA512 0b23c41384be49cf9f737d4669959cf85e2efea02b6ca27553fdab0b62f55ab86fae6b7d2862afea73dbf93cdcf035841843a922512a5710f1ac8c505cff16b9 WHIRLPOOL e0737c61fc67ff7f927229b97f4a1209a3e0e50b202e0e4b30b3b108faa1757b659c576fedef02707c8584b82a9d252a6301673038f0d20506eca92832ff287a -DIST Elixir-0.7.1.tar.gz 47110 SHA256 a7ef437f25b544e4f74fb3236fc43cd25f5d6feb6037dd7c66931046d75439e9 SHA512 4a0fa88bebcc54527d1cbb0275435a4894e620609d0ce8569c67cde63a64630b568db59a71fce43c0819664d85e0b74244f41283f14457dfc3dcea4649e8b85d WHIRLPOOL 70c3cfeb896f771f876529ab21710ebe625144da852b5bb1ab388f09a52313d1f23ebeffbe6766937cbfa99652f03ef7c89f7abf78793af87a4ab61b42217575 -EBUILD elixir-0.7.1-r1.ebuild 1287 SHA256 e1f08b5ca919e9e3ceb915da657924ac8b543e5ac758a3af60d455663aecdcd6 SHA512 a3282965861b53620c52e838f6dc07b2b14f8168edc78a714b74220413f758771a8ecc129d4b897f8e473830b47e27b964b1538a28dd41a0e602e204087d7edd WHIRLPOOL 646e7417dd177eedaeefbb7bcf6954249471661e6292d4653c655aeec20f410d6550540a38cb1f42bbd8e91440477c20a8d5eb54ccc1b1103f0403ab97d994f8 -MISC ChangeLog 1477 SHA256 7bf606fc6f77926ab9ae075f40d27a19e3b6ca395c724741400874cf620ad774 SHA512 8f679920f86c027e83a33bdb3dda9faa685fea60e2c3ac0fcd0a8323ef3ea736ccebb79eb24061ca59299ff91a846d3f0ca4d456e5bfa76384b8c4c83557f768 WHIRLPOOL f59f10c105444693c9cae4e3cdcdcd41d182969c84670ba52768cba7e97876b0e706bfcc2139fadcd65ef7baa4f5918e850f15fadecac1cd69ff6dbfb8aaadb5 -MISC metadata.xml 229 SHA256 7ad92d9a992134c694cfe07524a7855f22794d8b08c896f489621fc3128ee1c7 SHA512 323d1c3e17c7b4ebd4964033d609349b779c3d94ce4b408c43dbdceecc70f11dc882af9a0c1e4f82780c0a4e57a407c660e604dbe317c73f0fc2cbc4ec0a9459 WHIRLPOOL 6226233fff2980775080c45df27b7f46049ce7d9dbd1ee0fc1a5cc87166fabe8d54a1604d1ee829819953dd2227facd6b41c4e0b897a958fb0f3dd74f45b6eb9 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) - -iF4EAREIAAYFAlGFe7UACgkQC77qH+pIQ6QppgEAku3tmM2QvFKek0DC4BAJ5SUA -L3kNHqY/ZgBAdVs5fv8A+weXm8R1x+tRbHewTmXpAyXwd8QjpuQdvCOw+iEDRKSN -=QPsF ------END PGP SIGNATURE----- diff --git a/dev-python/elixir/elixir-0.7.1-r1.ebuild b/dev-python/elixir/elixir-0.7.1-r1.ebuild deleted file mode 100644 index 9498cbd5fe76..000000000000 --- a/dev-python/elixir/elixir-0.7.1-r1.ebuild +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-python/elixir/elixir-0.7.1-r1.ebuild,v 1.2 2013/05/04 21:20:52 floppym Exp $ - -EAPI="2" -PYTHON_DEPEND="2" -SUPPORT_PYTHON_ABIS="1" - -inherit distutils eutils - -MY_PN="Elixir" -MY_P="${MY_PN}-${PV}" - -DESCRIPTION="Declarative Mapper for SQLAlchemy" -HOMEPAGE="http://elixir.ematia.de/trac/wiki http://pypi.python.org/pypi/Elixir" -SRC_URI="mirror://pypi/${MY_PN:0:1}/${MY_PN}/${MY_P}.tar.gz" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="doc" - -RDEPEND=">=dev-python/sqlalchemy-0.4.0" -DEPEND="${RDEPEND} - dev-python/setuptools - doc? ( >=dev-python/docutils-0.4-r3 - >=dev-python/kid-0.9 - >=dev-python/pygments-0.8.1 - >=dev-python/pudge-0.1.3 - >=dev-python/buildutils-0.3 )" -RESTRICT_PYTHON_ABIS="3.*" - -S="${WORKDIR}/${MY_P}" - -src_prepare() { - epatch "${FILESDIR}"/${P}-CVE-2012-2146-aes.patch -} - -src_compile() { - distutils_src_compile - - if use doc; then - einfo "Generation of documentation" - "$(PYTHON -f)" setup.py addcommand -p buildutils.pudge_command - PYTHONPATH=. "$(PYTHON -f)" setup.py pudge || die "Generation of documentation failed" - fi -} - -src_install() { - distutils_src_install - - if use doc; then - dohtml -r build/doc/* - fi -} diff --git a/dev-python/elixir/files/elixir-0.7.1-CVE-2012-2146-aes.patch b/dev-python/elixir/files/elixir-0.7.1-CVE-2012-2146-aes.patch deleted file mode 100644 index f69df35458f6..000000000000 --- a/dev-python/elixir/files/elixir-0.7.1-CVE-2012-2146-aes.patch +++ /dev/null @@ -1,85 +0,0 @@ -Upstream patch acquired from -http://sochotni.fedorapeople.org/python-elixir-aes-encryption-addition.patch -Index: elixir/ext/encrypted.py -=================================================================== ---- elixir/ext/encrypted.py (revision 534) -+++ elixir/ext/encrypted.py (working copy) -@@ -32,7 +32,9 @@ - database row. - ''' - --from Crypto.Cipher import Blowfish -+import sys -+import os -+from Crypto.Cipher import Blowfish, AES - from elixir.statements import Statement - from sqlalchemy.orm import MapperExtension, EXT_CONTINUE, EXT_STOP - -@@ -49,7 +51,9 @@ - # - # encryption and decryption functions - # -- -+# WARNING!!! Blowfish encryption method is vulnerable to attacks -+# because it doesn't properly use random seed. It is provided just for -+# backward compatibility needed to migrate data. Use AES instead! - def encrypt_value(value, secret): - return Blowfish.new(secret, Blowfish.MODE_CFB) \ - .encrypt(value).encode('string_escape') -@@ -58,14 +62,36 @@ - return Blowfish.new(secret, Blowfish.MODE_CFB) \ - .decrypt(value.decode('string_escape')) - -+# Crypto.Cipher.AES is AES128 -+def encrypt_value_aes(value, secret): -+ iv = os.urandom(AES.block_size) - -+ pad_len = AES.block_size - len(value) % AES.block_size -+ padded_value = value + pad_len * chr(pad_len) -+ res = iv + AES.new(secret, AES.MODE_CBC, iv).encrypt(padded_value) -+ return res.encode('string_escape') -+ -+def decrypt_value_aes(value, secret): -+ value = value.decode('string_escape') -+ iv = value[:AES.block_size] -+ encrypted = value[AES.block_size:] -+ -+ padded_value = AES.new(secret, AES.MODE_CBC, iv).decrypt(encrypted) -+ pad_len = ord(padded_value[-1]) -+ assert pad_len >= 1 and pad_len <= AES.block_size -+ return padded_value[:-pad_len] -+ - # - # acts_as_encrypted statement - # - - class ActsAsEncrypted(object): - -- def __init__(self, entity, for_fields=[], with_secret='abcdef'): -+ def __init__(self, entity, for_fields=[], with_secret='abcdef', with_aes=False): -+ if not with_aes: -+ sys.stderr.write("""******* WARNING!!! ******** -+Blowfish encryption method is vulnerable to attacks. -+Migrate your data and use with_aes=True\n""") - - def perform_encryption(instance, encrypt=True): - encrypted = getattr(instance, '_elixir_encrypted', None) -@@ -77,9 +103,15 @@ - instance._elixir_encrypted = encrypt - - if encrypt: -- func = encrypt_value -+ if with_aes: -+ func = encrypt_value_aes -+ else: -+ func = encrypt_value - else: -- func = decrypt_value -+ if with_aes: -+ func = decrypt_value_aes -+ else: -+ func = decrypt_value - - for column_name in for_fields: - current_value = getattr(instance, column_name) - diff --git a/dev-python/elixir/metadata.xml b/dev-python/elixir/metadata.xml deleted file mode 100644 index 20170f0f808e..000000000000 --- a/dev-python/elixir/metadata.xml +++ /dev/null @@ -1,8 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> - <herd>python</herd> - <upstream> - <remote-id type="pypi">Elixir</remote-id> - </upstream> -</pkgmetadata> |