diff options
author | wiz <wiz> | 2008-11-10 19:41:47 +0000 |
---|---|---|
committer | wiz <wiz> | 2008-11-10 19:41:47 +0000 |
commit | 36101dd13712b9bf1f841ae6ae02045a04334dbb (patch) | |
tree | 99353428b156d24d9eba5f1684a996866fd386f1 /lang/python23/patches | |
parent | a7c5d9ab5863b8b7800105b6935a145ca64f0f69 (diff) | |
download | pkgsrc-36101dd13712b9bf1f841ae6ae02045a04334dbb.tar.gz |
Update to 2.3.7:
Python 2.3 is now well and truly in bugfix-only mode; no new features
are being added, and only security critical bugs have been fixed.
This release addresses a number of cases interpreter might have
crashed in certain boundary conditions.
What's New in Python 2.3.7?
===========================
*Release date: 11-Mar-2008*
What's New in Python 2.3.7c1?
===========================
*Release date: 02-Mar-2008*
Core and builtins
-----------------
- Added checks for integer overflows, contributed by Google. Some are
only available if asserts are left in the code, in cases where they
can't be triggered from Python code.
What's New in Python 2.3.6?
===========================
*Release date: 01-NOV-2006*
What's New in Python 2.3.6c1?
=============================
*Release date: 25-OCT-2006*
Core and builtins
-----------------
- Patch #1541585: fix buffer overrun when performing repr() on
a unicode string in a build with wide unicode (UCS-4) support.
This is the problem described in security advisory PSF-2006-001.
Extension modules
-----------------
- Apply fix for potential heap overflow in PCRE code (CAN-2005-2491).
Library
-------
- The email package has improved RFC 2231 support, specifically for
recognizing the difference between encoded (name*0*=<blah>) and non-encoded
(name*0=<blah>) parameter continuations. This may change the types of
values returned from email.message.Message.get_param() and friends.
Specifically in some cases where non-encoded continuations were used,
get_param() used to return a 3-tuple of (None, None, string) whereas now it
will just return the string (since non-encoded continuations don't have
charset and language parts).
Also, whereas % values were decoded in all parameter continuations, they are
now only decoded in encoded parameter parts.
Diffstat (limited to 'lang/python23/patches')
-rw-r--r-- | lang/python23/patches/patch-ah | 24 | ||||
-rw-r--r-- | lang/python23/patches/patch-ec | 44 |
2 files changed, 22 insertions, 46 deletions
diff --git a/lang/python23/patches/patch-ah b/lang/python23/patches/patch-ah index 6ca5dc28cc8..44d54c20bb2 100644 --- a/lang/python23/patches/patch-ah +++ b/lang/python23/patches/patch-ah @@ -1,22 +1,27 @@ -$NetBSD: patch-ah,v 1.6 2005/03/07 12:11:49 dmcmahill Exp $ +$NetBSD: patch-ah,v 1.7 2008/11/10 19:41:47 wiz Exp $ ---- Makefile.pre.in.orig 2005-01-11 08:48:52.000000000 -0500 -+++ Makefile.pre.in 2005-03-07 06:41:33.425152000 -0500 -@@ -57,5 +57,5 @@ +--- Makefile.pre.in.orig 2005-01-11 13:49:02.000000000 +0000 ++++ Makefile.pre.in +@@ -56,7 +56,7 @@ MAKESETUP= $(srcdir)/Modules/makese + OPT= @OPT@ BASECFLAGS= @BASECFLAGS@ CFLAGS= $(BASECFLAGS) $(OPT) -CPPFLAGS= -I. -I$(srcdir)/Include +CPPFLAGS+= @CPPFLAGS@ -I. -I$(srcdir)/Include LDFLAGS= @LDFLAGS@ LDLAST= @LDLAST@ -@@ -309,5 +309,5 @@ + SGI_ABI= @SGI_ABI@ +@@ -308,7 +308,7 @@ all: $(BUILDPYTHON) oldsharedmods share + $(BUILDPYTHON): Modules/$(MAINOBJ) $(LIBRARY) $(LDLIBRARY) $(LINKCC) $(LDFLAGS) $(LINKFORSHARED) -o $@ \ Modules/$(MAINOBJ) \ - $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST) + $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST) ${LINK_ALL_LIBGCC_HACK} platform: $(BUILDPYTHON) -@@ -349,8 +349,8 @@ + $(RUNSHARED) ./$(BUILDPYTHON) -E -c 'import sys ; from distutils.util import get_platform ; print get_platform()+"-"+sys.version[0:3]' >platform +@@ -348,15 +348,18 @@ $(LIBRARY): $(LIBRARY_OBJS) + libpython$(VERSION).so: $(LIBRARY_OBJS) if test $(INSTSONAME) != $(LDLIBRARY); then \ - $(LDSHARED) -Wl,-h$(INSTSONAME) -o $(INSTSONAME) $(LIBRARY_OBJS) $(SHLIBS) $(LIBC) $(LIBM); \ @@ -27,7 +32,7 @@ $NetBSD: patch-ah,v 1.6 2005/03/07 12:11:49 dmcmahill Exp $ + $(LDSHARED) -o $@ $(LIBRARY_OBJS) $(LDFLAGS) $(SHLIBS) $(LIBC) $(LIBM); \ fi -@@ -358,4 +358,7 @@ + libpython$(VERSION).sl: $(LIBRARY_OBJS) $(LDSHARED) -o $@ $(LIBRARY_OBJS) $(LIBC) $(LIBM) +libpython$(VERSION).dylib: $(LIBRARY_OBJS) @@ -35,7 +40,9 @@ $NetBSD: patch-ah,v 1.6 2005/03/07 12:11:49 dmcmahill Exp $ + # This rule is here for OPENSTEP/Rhapsody/MacOSX. It builds a temporary # minimal framework (not including the Lib directory and such) in the current -@@ -617,5 +620,10 @@ + # directory. +@@ -616,7 +619,12 @@ altbininstall: $(BUILDPYTHON) + (cd $(DESTDIR)$(LIBDIR); $(LN) -sf $(INSTSONAME) libpython$(VERSION)$(SO)); \ fi \ fi; \ - else true; \ @@ -47,3 +54,4 @@ $NetBSD: patch-ah,v 1.6 2005/03/07 12:11:49 dmcmahill Exp $ + fi \ fi + # Install the manual page diff --git a/lang/python23/patches/patch-ec b/lang/python23/patches/patch-ec index 8d4d0cf13b1..251b54fcee0 100644 --- a/lang/python23/patches/patch-ec +++ b/lang/python23/patches/patch-ec @@ -1,40 +1,8 @@ -$NetBSD: patch-ec,v 1.1 2005/10/01 19:36:01 recht Exp $ +$NetBSD: patch-ec,v 1.2 2008/11/10 19:41:47 wiz Exp $ ---- Modules/pypcre.c.orig 2003-10-20 16:34:47.000000000 +0200 -+++ Modules/pypcre.c 2005-10-01 21:13:56.000000000 +0200 -@@ -1163,14 +1163,31 @@ - int min = 0; - int max = -1; - -+/* Read the minimum value and do a paranoid check: a negative value indicates -+an integer overflow. */ -+ - while ((pcre_ctypes[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0'; - -+if (min < 0 || min > 65535) -+ { -+ *errorptr = ERR5; -+ return p; -+ } -+ -+/* Read the maximum value if there is one, and again do a paranoid on its size -+. Also, max must not be less than min. */ -+ - if (*p == '}') max = min; else - { - if (*(++p) != '}') - { - max = 0; - while((pcre_ctypes[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0'; -+ if (max < 0 || max > 65535) -+ { -+ *errorptr = ERR5; -+ return p; -+ } - if (max < min) - { - *errorptr = ERR4; -@@ -2267,6 +2284,7 @@ +--- Modules/pypcre.c.orig 2005-08-31 12:55:21.000000000 +0000 ++++ Modules/pypcre.c +@@ -2278,6 +2278,7 @@ int c, size; int bracount = 0; int brastack[200]; int top_backref = 0; @@ -42,7 +10,7 @@ $NetBSD: patch-ec,v 1.1 2005/10/01 19:36:01 recht Exp $ unsigned int brastackptr = 0; uschar *code; const uschar *ptr; -@@ -2446,6 +2464,7 @@ +@@ -2457,6 +2458,7 @@ while ((c = *(++ptr)) != 0) /* Brackets may be genuine groups or special things */ case '(': @@ -50,7 +18,7 @@ $NetBSD: patch-ec,v 1.1 2005/10/01 19:36:01 recht Exp $ /* Handle special forms of bracket, which all start (? */ -@@ -2543,10 +2562,15 @@ +@@ -2554,10 +2556,15 @@ while ((c = *(++ptr)) != 0) continue; /* End of this bracket handling */ } |