Pullup ticket #4406 - requested by wiz

lang/python33 OpenSSL security fix Revisions pulled up: - lang/python33/Makefile 1.24 - lang/python33/distinfo 1.15 - lang/python33/patches/patch-Lib_os.py 1.1 --- Module Name: pkgsrc Committed By: wiz Date: Thu May 15 12:33:10 UTC 2014 Modified Files: pkgsrc/lang/python33: Makefile distinfo Added Files: pkgsrc/lang/python33/patches: patch-Lib_os.py Log Message: Add fix for CVE-2014-2667. Bump PKGREVISION.
author: schnoebe <schnoebe@pkgsrc.org> 2014-05-16 14:00:35 +0000
committer: schnoebe <schnoebe@pkgsrc.org> 2014-05-16 14:00:35 +0000
commit: 32111b28e354d49a6f83437e8ee1dc7de00e766b (patch)
tree: 9cdb15d781aae00a47a899edff3f60d684d07e79
parent: 477c4be9a2795e088da0e4a0a55bab46206039cb (diff)
download: pkgsrc-32111b28e354d49a6f83437e8ee1dc7de00e766b.tar.gz
3 files changed, 61 insertions, 3 deletions
diff --git a/lang/python33/Makefile b/lang/python33/Makefile
index 2690381b459..f0a3ca27562 100644
--- a/lang/python33/Makefile
+++ b/lang/python33/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.22 2014/03/27 08:50:00 obache Exp $
+# $NetBSD: Makefile,v 1.22.2.1 2014/05/16 14:00:35 schnoebe Exp $
 
 .include "dist.mk"
 
 PKGNAME=	python33-${PY_DISTVERSION}
-PKGREVISION=	1
+PKGREVISION=	2
 CATEGORIES=	lang python
 
 MAINTAINER=	pkgsrc-users@NetBSD.org
diff --git a/lang/python33/distinfo b/lang/python33/distinfo
index 042cbc264cf..80b3bbd3960 100644
--- a/lang/python33/distinfo
+++ b/lang/python33/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.11 2014/03/27 08:50:00 obache Exp $
+$NetBSD: distinfo,v 1.11.2.1 2014/05/16 14:00:35 schnoebe Exp $
 
 SHA1 (Python-3.3.5.tar.xz) = 6683b26dd2cfd23af852abfcf1aedf25bbd44839
 RMD160 (Python-3.3.5.tar.xz) = 77398ecd76824983ad92c859f633e26675bacb4b
 Size (Python-3.3.5.tar.xz) = 12116308 bytes
 SHA1 (patch-Lib_distutils_unixccompiler.py) = 39cb8d1e1e3e76e2b6b5dbc1a6b5e0815300b2ce
+SHA1 (patch-Lib_os.py) = 6e6024a8451158f571e97cb3f2b515e315720a33
 SHA1 (patch-aa) = 99ebcbbfc53b855a32b424dec27012e1e969c3d0
 SHA1 (patch-ab) = 1c0a25bf7ec6ee76e84c799619ec7cd8910f16e1
 SHA1 (patch-ah) = bb43aaab260935a5a0d5e7ce1ccc30f4832cab1d
diff --git a/lang/python33/patches/patch-Lib_os.py b/lang/python33/patches/patch-Lib_os.py
new file mode 100644
index 00000000000..16c629f174b
--- /dev/null
+++ b/lang/python33/patches/patch-Lib_os.py
@@ -0,0 +1,57 @@
+$NetBSD: patch-Lib_os.py,v 1.1.2.2 2014/05/16 14:00:36 schnoebe Exp $
+
+Fix CVE-2014-2667 based on upstream:
+http://hg.python.org/cpython/rev/6370d44013f7
+
+--- Lib/os.py.orig	2014-03-09 08:40:12.000000000 +0000
++++ Lib/os.py
+@@ -230,23 +230,16 @@ SEEK_SET = 0
+ SEEK_CUR = 1
+ SEEK_END = 2
+ 
+-
+-def _get_masked_mode(mode):
+-    mask = umask(0)
+-    umask(mask)
+-    return mode & ~mask
+-
+ # Super directory utilities.
+ # (Inspired by Eric Raymond; the doc strings are mostly his)
+ 
+ def makedirs(name, mode=0o777, exist_ok=False):
+     """makedirs(path [, mode=0o777][, exist_ok=False])
+ 
+-    Super-mkdir; create a leaf directory and all intermediate ones.
+-    Works like mkdir, except that any intermediate path segment (not
+-    just the rightmost) will be created if it does not exist. If the
+-    target directory with the same mode as we specified already exists,
+-    raises an OSError if exist_ok is False, otherwise no exception is
++    Super-mkdir; create a leaf directory and all intermediate ones.  Works like
++    mkdir, except that any intermediate path segment (not just the rightmost)
++    will be created if it does not exist. If the target directory already
++    exists, raise an OSError if exist_ok is False. Otherwise no exception is
+     raised.  This is recursive.
+ 
+     """
+@@ -268,20 +261,7 @@ def makedirs(name, mode=0o777, exist_ok=
+     try:
+         mkdir(name, mode)
+     except OSError as e:
+-        dir_exists = path.isdir(name)
+-        expected_mode = _get_masked_mode(mode)
+-        if dir_exists:
+-            # S_ISGID is automatically copied by the OS from parent to child
+-            # directories on mkdir.  Don't consider it being set to be a mode
+-            # mismatch as mkdir does not unset it when not specified in mode.
+-            actual_mode = st.S_IMODE(lstat(name).st_mode) & ~st.S_ISGID
+-        else:
+-            actual_mode = -1
+-        if not (e.errno == errno.EEXIST and exist_ok and dir_exists and
+-                actual_mode == expected_mode):
+-            if dir_exists and actual_mode != expected_mode:
+-                e.strerror += ' (mode %o != expected mode %o)' % (
+-                        actual_mode, expected_mode)
++        if not exist_ok or e.errno != errno.EEXIST or not path.isdir(name):
+             raise
+ 
+ def removedirs(name):
author	schnoebe <schnoebe@pkgsrc.org>	2014-05-16 14:00:35 +0000
committer	schnoebe <schnoebe@pkgsrc.org>	2014-05-16 14:00:35 +0000
commit	32111b28e354d49a6f83437e8ee1dc7de00e766b (patch)
tree	9cdb15d781aae00a47a899edff3f60d684d07e79
parent	477c4be9a2795e088da0e4a0a55bab46206039cb (diff)
download	pkgsrc-32111b28e354d49a6f83437e8ee1dc7de00e766b.tar.gz