diff options
Diffstat (limited to 'dev-lang/python')
-rw-r--r-- | dev-lang/python/files/python-3.3-CVE-2014-4616.patch | 52 | ||||
-rw-r--r-- | dev-lang/python/files/python-3.3-libressl.patch | 127 | ||||
-rw-r--r-- | dev-lang/python/files/python-3.3.5-ncurses-pkg-config.patch | 40 |
3 files changed, 0 insertions, 219 deletions
diff --git a/dev-lang/python/files/python-3.3-CVE-2014-4616.patch b/dev-lang/python/files/python-3.3-CVE-2014-4616.patch deleted file mode 100644 index c67b2e5feedc..000000000000 --- a/dev-lang/python/files/python-3.3-CVE-2014-4616.patch +++ /dev/null @@ -1,52 +0,0 @@ -# HG changeset patch -# User Benjamin Peterson <benjamin@python.org> -# Date 1397441438 14400 -# Node ID 50c07ed1743da9cd4540d83de0c30bd17aeb41b0 -# Parent 218e28a935ab4494d05215c243e2129625a71893 -in scan_once, prevent the reading of arbitrary memory when passed a negative index - -Bug reported by Guido Vranken. - -Index: Python-3.3.5/Lib/json/tests/test_decode.py -=================================================================== ---- Python-3.3.5.orig/Lib/test/test_json/test_decode.py 2014-06-26 18:40:10.825269130 +0200 -+++ Python-3.3.5/Lib/test/test_json/test_decode.py 2014-06-26 18:40:21.962323035 +0200 -@@ -60,5 +60,10 @@ - msg = 'escape' - self.assertRaisesRegexp(ValueError, msg, self.loads, s) - -+ def test_negative_index(self): -+ d = self.json.JSONDecoder() -+ self.assertRaises(ValueError, d.raw_decode, 'a'*42, -50000) -+ self.assertRaises(ValueError, d.raw_decode, u'a'*42, -50000) -+ - class TestPyDecode(TestDecode, PyTest): pass - class TestCDecode(TestDecode, CTest): pass -Index: Python-3.3.5/Misc/ACKS -=================================================================== ---- Python-3.3.5.orig/Misc/ACKS 2014-06-26 18:40:10.826269135 +0200 -+++ Python-3.3.5/Misc/ACKS 2014-06-26 18:40:21.962323035 +0200 -@@ -1085,6 +1085,7 @@ - Frank Visser - Johannes Vogel - Alex Volkov -+Guido Vranken - Martijn Vries - Niki W. Waibel - Wojtek Walczak -Index: Python-3.3.5/Modules/_json.c -=================================================================== ---- a/Modules/_json.c -+++ b/Modules/_json.c -@@ -975,7 +975,10 @@ scan_once_unicode(PyScannerObject *s, Py - kind = PyUnicode_KIND(pystr); - length = PyUnicode_GET_LENGTH(pystr); - -- if (idx >= length) { -+ if (idx < 0) -+ /* Compatibility with Python version. */ -+ idx += length; -+ if (idx < 0 || idx >= length) { - PyErr_SetNone(PyExc_StopIteration); - return NULL; - } diff --git a/dev-lang/python/files/python-3.3-libressl.patch b/dev-lang/python/files/python-3.3-libressl.patch deleted file mode 100644 index 816704eb828f..000000000000 --- a/dev-lang/python/files/python-3.3-libressl.patch +++ /dev/null @@ -1,127 +0,0 @@ -From eed8d3b553e00e04c1f97c87ea02723630fb15a4 Mon Sep 17 00:00:00 2001 -From: hasufell <hasufell@gentoo.org> -Date: Sun, 20 Sep 2015 14:25:43 +0200 -Subject: [PATCH] Backport upstream libressl patches to python-3.3 - -https://hg.python.org/cpython/raw-rev/7f82f50fdad0 -https://hg.python.org/cpython/raw-rev/4dac45f88d45 ---- - Lib/ssl.py | 7 ++++++- - Lib/test/test_ssl.py | 21 +++++++++++++-------- - Modules/_ssl.c | 4 ++++ - configure | 42 ++++++++++++++++++++++++++++++++++++++++++ - configure.ac | 3 +++ - pyconfig.h.in | 3 +++ - 6 files changed, 71 insertions(+), 9 deletions(-) - -diff --git a/Lib/ssl.py b/Lib/ssl.py -index cd8d6b4..445ae87 100644 ---- a/Lib/ssl.py -+++ b/Lib/ssl.py -@@ -78,7 +78,12 @@ try: - from _ssl import OP_SINGLE_ECDH_USE - except ImportError: - pass --from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes -+from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes -+try: -+ from _ssl import RAND_egd -+except ImportError: -+ # LibreSSL does not provide RAND_egd -+ pass - from _ssl import ( - SSL_ERROR_ZERO_RETURN, - SSL_ERROR_WANT_READ, -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py -index 9fc6027..879f791 100644 ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -130,8 +130,9 @@ class BasicSocketTests(unittest.TestCase): - self.assertRaises(ValueError, ssl.RAND_bytes, -5) - self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5) - -- self.assertRaises(TypeError, ssl.RAND_egd, 1) -- self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1) -+ if hasattr(ssl, 'RAND_egd'): -+ self.assertRaises(TypeError, ssl.RAND_egd, 1) -+ self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1) - ssl.RAND_add("this is a random string", 75.0) - - @unittest.skipUnless(os.name == 'posix', 'requires posix') -@@ -250,11 +251,11 @@ class BasicSocketTests(unittest.TestCase): - # Some sanity checks follow - # >= 0.9 - self.assertGreaterEqual(n, 0x900000) -- # < 2.0 -- self.assertLess(n, 0x20000000) -+ # < 3.0 -+ self.assertLess(n, 0x30000000) - major, minor, fix, patch, status = t - self.assertGreaterEqual(major, 0) -- self.assertLess(major, 2) -+ self.assertLess(major, 3) - self.assertGreaterEqual(minor, 0) - self.assertLess(minor, 256) - self.assertGreaterEqual(fix, 0) -@@ -263,9 +264,13 @@ class BasicSocketTests(unittest.TestCase): - self.assertLessEqual(patch, 26) - self.assertGreaterEqual(status, 0) - self.assertLessEqual(status, 15) -- # Version string as returned by OpenSSL, the format might change -- self.assertTrue(s.startswith("OpenSSL {:d}.{:d}.{:d}".format(major, minor, fix)), -- (s, t)) -+ # Version string as returned by {Open,Libre}SSL, the format might change -+ if "LibreSSL" in s: -+ self.assertTrue(s.startswith("LibreSSL {:d}.{:d}".format(major, minor)), -+ (s, t)) -+ else: -+ self.assertTrue(s.startswith("OpenSSL {:d}.{:d}.{:d}".format(major, minor, fix)), -+ (s, t)) - - @support.cpython_only - def test_refcycle(self): -diff --git a/Modules/_ssl.c b/Modules/_ssl.c -index 499e8ba..cb151ba 100644 ---- a/Modules/_ssl.c -+++ b/Modules/_ssl.c -@@ -2559,6 +2559,7 @@ Returns 1 if the OpenSSL PRNG has been seeded with enough data and 0 if not.\n\ - It is necessary to seed the PRNG with RAND_add() on some platforms before\n\ - using the ssl() function."); - -+#ifdef HAVE_RAND_EGD - static PyObject * - PySSL_RAND_egd(PyObject *self, PyObject *args) - { -@@ -2586,6 +2587,7 @@ PyDoc_STRVAR(PySSL_RAND_egd_doc, - Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\ - Returns number of bytes read. Raises SSLError if connection to EGD\n\ - fails or if it does not provide enough data to seed PRNG."); -+#endif /* HAVE_RAND_EGD */ - - #endif /* HAVE_OPENSSL_RAND */ - -@@ -2604,8 +2606,10 @@ static PyMethodDef PySSL_methods[] = { - PySSL_RAND_bytes_doc}, - {"RAND_pseudo_bytes", PySSL_RAND_pseudo_bytes, METH_VARARGS, - PySSL_RAND_pseudo_bytes_doc}, -+#ifdef HAVE_RAND_EGD - {"RAND_egd", PySSL_RAND_egd, METH_VARARGS, - PySSL_RAND_egd_doc}, -+#endif - {"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS, - PySSL_RAND_status_doc}, - #endif -diff --git a/configure.ac b/configure.ac -index 6a64bff..90f315a 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -2181,6 +2181,9 @@ AC_MSG_RESULT($SHLIBS) - AC_CHECK_LIB(sendfile, sendfile) - AC_CHECK_LIB(dl, dlopen) # Dynamic linking for SunOS/Solaris and SYSV - AC_CHECK_LIB(dld, shl_load) # Dynamic linking for HP-UX -+AC_CHECK_LIB(crypto, RAND_egd, -+ AC_DEFINE(HAVE_RAND_EGD, 1, -+ [Define if the libcrypto has RAND_egd])) - - # only check for sem_init if thread support is requested - if test "$with_threads" = "yes" -o -z "$with_threads"; then diff --git a/dev-lang/python/files/python-3.3.5-ncurses-pkg-config.patch b/dev-lang/python/files/python-3.3.5-ncurses-pkg-config.patch deleted file mode 100644 index d963b9e52bd9..000000000000 --- a/dev-lang/python/files/python-3.3.5-ncurses-pkg-config.patch +++ /dev/null @@ -1,40 +0,0 @@ -do not hardcode /usr/include paths - ---- a/configure.ac -+++ b/configure.ac -@@ -668,6 +668,8 @@ AC_ARG_WITH(cxx_main, - ]) - AC_MSG_RESULT($with_cxx_main) - -+AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) -+ - preset_cxx="$CXX" - if test -z "$CXX" - then -@@ -1513,7 +1515,7 @@ dnl AC_MSG_RESULT($cpp_type) - # checks for header files - AC_HEADER_STDC - ac_save_cppflags="$CPPFLAGS" --CPPFLAGS="$CPPFLAGS -I/usr/include/ncursesw" -+CPPFLAGS="$CPPFLAGS `$PKG_CONFIG --cflags ncursesw`" - AC_CHECK_HEADERS(asm/types.h conio.h curses.h direct.h dlfcn.h errno.h \ - fcntl.h grp.h \ - ieeefp.h io.h langinfo.h libintl.h ncurses.h process.h pthread.h \ -@@ -2225,8 +2227,6 @@ LIBS="$withval $LIBS" - ], - [AC_MSG_RESULT(no)]) - --AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) -- - # Check for use of the system expat library - AC_MSG_CHECKING(for --with-system-expat) - AC_ARG_WITH(system_expat, -@@ -4273,7 +4273,7 @@ then - fi - - ac_save_cppflags="$CPPFLAGS" --CPPFLAGS="$CPPFLAGS -I/usr/include/ncursesw" -+CPPFLAGS="$CPPFLAGS `$PKG_CONFIG --cflags ncursesw`" - # On HP/UX 11.0, mvwdelch is a block with a return statement - AC_MSG_CHECKING(whether mvwdelch is an expression) - AC_CACHE_VAL(ac_cv_mvwdelch_is_expression, |