authorspz <spz>2014-02-10 18:13:44 +0000
committerspz <spz>2014-02-10 18:13:44 +0000
commitcc58c00c62ad767366fdb95cff0eb0c79d409843 (patch)
treea13604c9838f659c86c738a5a6a958876c996913
parent241bda4f10096958142b2f622f6e5ac56ff54184 (diff)
downloadpkgsrc-cc58c00c62ad767366fdb95cff0eb0c79d409843.tar.gz
Pullup ticket #4319 - requested by tron
lang/python27: security fix Revisions pulled up: - lang/python27/Makefile 1.34 - lang/python27/distinfo 1.30 - lang/python27/patches/patch-Modules_socketmodule.c 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sun Feb 9 09:02:50 UTC 2014 Modified Files: pkgsrc/lang/python27: Makefile distinfo Added Files: pkgsrc/lang/python27/patches: patch-Modules_socketmodule.c Log Message: Add fix for security vulnerability reported in SA56624. Patch taken from Python Mercurial repository. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 pkgsrc/lang/python27/Makefile cvs rdiff -u -r1.29 -r1.30 pkgsrc/lang/python27/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/lang/python27/patches/patch-Modules_socketmodule.c
-rw-r--r--lang/python27/Makefile3
-rw-r--r--lang/python27/distinfo3
-rw-r--r--lang/python27/patches/patch-Modules_socketmodule.c19
3 files changed, 23 insertions, 2 deletions
diff --git a/lang/python27/Makefile b/lang/python27/Makefile
index e68e6bc2c25..abca6520902 100644
--- a/lang/python27/Makefile
+++ b/lang/python27/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.33 2013/12/12 11:34:23 jperkin Exp $
+# $NetBSD: Makefile,v 1.33.2.1 2014/02/10 18:13:44 spz Exp $
.include "dist.mk"
PKGNAME= python27-${PY_DISTVERSION}
+PKGREVISION= 1
CATEGORIES= lang python
MAINTAINER= pkgsrc-users@NetBSD.org
diff --git a/lang/python27/distinfo b/lang/python27/distinfo
index 4fa7e60e3f6..c5661719458 100644
--- a/lang/python27/distinfo
+++ b/lang/python27/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.29 2013/12/14 18:59:55 bsiegert Exp $
+$NetBSD: distinfo,v 1.29.2.1 2014/02/10 18:13:44 spz Exp $
SHA1 (Python-2.7.6.tar.xz) = 8321636af2acbeaa68fc635d7dda7369ed446a80
RMD160 (Python-2.7.6.tar.xz) = 8efc73a01a466d8fa16c5c1734c89be79c2c538a
@@ -8,6 +8,7 @@ SHA1 (patch-Include_pyerrors.h) = 3eba043c83b1d1df4918524f7b53047a6ed372ae
SHA1 (patch-Lib_distutils_unixccompiler.py) = 39b967dc2ae648143d5841f22602a21063b4d5ea
SHA1 (patch-Modules___ssl.c) = aaddaea5bcd6c84d3d896c7c37f710933b8228bc
SHA1 (patch-Modules_getpath.c) = f68b38eb90f974b67ceab3922ce7f92eb77f25c3
+SHA1 (patch-Modules_socketmodule.c) = 07c76dcf6dc8605446bc8e01d80e1f1e30a5ebf7
SHA1 (patch-aa) = 990e4025bb6a37715e1f5df1831499f0ab08acfa
SHA1 (patch-ab) = 0d0ae9802dfe3b85659adb16793affd8c4ffce43
SHA1 (patch-ad) = de730b9f5a5efb56afa8bed05824b5f6579242ec
diff --git a/lang/python27/patches/patch-Modules_socketmodule.c b/lang/python27/patches/patch-Modules_socketmodule.c
new file mode 100644
index 00000000000..24e24542161
--- /dev/null
+++ b/lang/python27/patches/patch-Modules_socketmodule.c
@@ -0,0 +1,19 @@
+$NetBSD: patch-Modules_socketmodule.c,v 1.1.2.2 2014/02/10 18:13:44 spz Exp $
+
+Fix vulnerability reported in SA56624. Patch taken from here:
+
+http://hg.python.org/cpython/rev/87673659d8f7
+
+--- Modules/socketmodule.c.orig 2013-11-10 07:36:41.000000000 +0000
++++ Modules/socketmodule.c 2014-02-09 08:41:25.000000000 +0000
+@@ -2742,6 +2742,10 @@
+ if (recvlen == 0) {
+ /* If nbytes was not specified, use the buffer's length */
+ recvlen = buflen;
++ } else if (recvlen > buflen) {
++ PyErr_SetString(PyExc_ValueError,
++ "nbytes is greater than the length of the buffer");
++ goto error;
+ }
+
+ readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);
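Review bot: The added `else if (recvlen > buflen)` guard bounds only the upper side, so it fully closes the overflow only if a negative `nbytes` is rejected earlier and `recvlen` and `buflen` are compared in the same signed type. The declarations and any earlier check lie outside this hunk, so confirm both against the full function. The `goto error` path also needs to release `buf`, and that label is not visible here either. On the pkgsrc side, the patch header would help the next maintainer more if it named the flaw and said when the patch can be dropped, e.g. `recvfrom_into() accepted nbytes larger than the destination buffer (SA56624); remove once the distfile includes the upstream changeset.`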