pkgsrc/lang/python27/distinfo, branch pkgsrc-2014Q2

pkgsrc/lang/python27/distinfo, branch pkgsrc-2014Q2 [no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc-2014Q2 2014-07-05T11:13:52Z Pullup ticket #4441 - requested by he 2014-07-05T11:13:52Z tron tron@pkgsrc.org 2014-07-05T11:13:52Z urn:sha1:00e6f2baa0e93eb28ae14b293d7c3fa30e633604 lang/python27: security patch Revisions pulled up: - lang/python27/distinfo 1.43 - lang/python27/patches/patch-Lib_CGIHTTPServer.py 1.1 - lang/python27/patches/patch-Lib_test_test__httpservers.py 1.1 - lang/python27/patches/patch-Misc_NEWS 1.4 --- Module Name: pkgsrc Committed By: he Date: Wed Jul 2 08:22:02 UTC 2014 Modified Files: pkgsrc/lang/python27: distinfo pkgsrc/lang/python27/patches: patch-Misc_NEWS Added Files: pkgsrc/lang/python27/patches: patch-Lib_CGIHTTPServer.py patch-Lib_test_test__httpservers.py Log Message: Apply a fix for directory-traversal vulnerability, ref. http://bugs.python.org/issue21766 Bump PKGREVISION. avoid conflicting declaration of gethostname on SunOS 2014-06-11T05:55:58Z richard richard@pkgsrc.org 2014-06-11T05:55:58Z urn:sha1:9ac7bce553d7e49ad7b23f8b23e17e92a55b78d5 Add patches to fix the remaining two functions reported as being 2014-06-09T17:58:31Z he he@pkgsrc.org 2014-06-09T17:58:31Z urn:sha1:ac3ee4ba7fa57f54be184b635c97b6b04270aa5b vulnerable to CVE-2013-1752, following the general theme of overflow of line lengths. This fixes the smtp and pop functions. Taken / adapted from http://bugs.python.org/issue16041 and http://bugs.python.org/issue16042. PKGREVISION bumped. Changes 2.7.7: 2014-06-02T06:12:03Z adam adam@pkgsrc.org 2014-06-02T06:12:03Z urn:sha1:9194599d661a77d9c3064b21d04d39e1855f4a2b This is a regularly scheduled 2.7 series bugfix and includes numerous bugfixes (http://hg.python.org/cpython/raw-file/f89216059edf/Misc/NEWS) over 2.7.6. search openssl header file from prefered ssl_incs over system inc_dirs. 2014-05-21T00:31:07Z obache obache@pkgsrc.org 2014-05-21T00:31:07Z urn:sha1:d8e629f9e20d4773add3ae4448512b93cbeeae6b Fix detecting OpenSSL, in particular on OS X. 2014-05-20T16:48:00Z adam adam@pkgsrc.org 2014-05-20T16:48:00Z urn:sha1:75168fab01b398bf10a2ff49d45ef430cadeafdc SA56624 is CVE-2014-1912. 2014-05-10T08:38:04Z obache obache@pkgsrc.org 2014-05-10T08:38:04Z urn:sha1:53236f255edd25fbaa24413ded66fd2591ce51ae Reapply reverted commit from obache@. Original description: 2014-04-13T15:06:20Z bsiegert bsiegert@pkgsrc.org 2014-04-13T15:06:20Z urn:sha1:5795c5e2a7298dd8117aeaa4a821f6473ebda6ad Prevent to detect unwanted builtin openssl. After bump of BUILDLINK_API_DEPENDS.openssl to 1.0.1c, buitin openssl is not acceptable for various platforms. Update readline-6.3 patch from upstream, for builtin GNU readline<4.2. 2014-03-27T06:26:24Z obache obache@pkgsrc.org 2014-03-27T06:26:24Z urn:sha1:ccba3f598b2dd9efb8bddb2390254f86e0cf4341 revert last commit, should not be committed during freeze. 2014-03-27T05:36:37Z obache obache@pkgsrc.org 2014-03-27T05:36:37Z urn:sha1:4de9a25bc01942d081ad1bd150062b7532d73a5e