diff options
| author | drochner <drochner> | 2012-02-15 16:08:25 +0000 |
|---|---|---|
| committer | drochner <drochner> | 2012-02-15 16:08:25 +0000 |
| commit | 98a790556105c6482851276451947ab8fdbbb3ec (patch) | |
| tree | 63f9e8b430d7a688339bcd68ef97fc3ce4460fff /lang/python25 | |
| parent | ac2af927cabb30d3f1c1abbe0139b35028501f62 (diff) | |
| download | pkgsrc-98a790556105c6482851276451947ab8fdbbb3ec.tar.gz | |
apply fix for CVE-2012-0845 to other Python versions too
(2.4 is not affected)
Diffstat (limited to 'lang/python25')
| -rw-r--r-- | lang/python25/Makefile | 4 | ||||
| -rw-r--r-- | lang/python25/distinfo | 3 | ||||
| -rw-r--r-- | lang/python25/patches/patch-CVE-2012-0845 | 18 |
3 files changed, 22 insertions, 3 deletions
diff --git a/lang/python25/Makefile b/lang/python25/Makefile index 8e908374e1b..fb81d0f8f04 100644 --- a/lang/python25/Makefile +++ b/lang/python25/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.36 2012/01/18 13:59:50 adam Exp $ +# $NetBSD: Makefile,v 1.37 2012/02/15 16:08:25 drochner Exp $ .include "dist.mk" PKGNAME= python25-${PY_DISTVERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= lang python MAINTAINER= pkgsrc-users@NetBSD.org diff --git a/lang/python25/distinfo b/lang/python25/distinfo index d1f5773d4c6..3db36db88e0 100644 --- a/lang/python25/distinfo +++ b/lang/python25/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.21 2011/12/16 17:04:17 hans Exp $ +$NetBSD: distinfo,v 1.22 2012/02/15 16:08:25 drochner Exp $ SHA1 (Python-2.5.6.tar.bz2) = 29f6dd41bf09c5e04311b367cbb7604fa016e699 RMD160 (Python-2.5.6.tar.bz2) = 92f0a955971f187a7d50c6422168202ec551bf22 Size (Python-2.5.6.tar.bz2) = 9821788 bytes +SHA1 (patch-CVE-2012-0845) = 1c0a8d7224b6b5cb65b24d38ac0967f8f8fb2da9 SHA1 (patch-SA43463) = df776e171f1794bae52b6e98bc71ae63734b7693 SHA1 (patch-aa) = d44e67645dc86ff14f5daf5705de02c6f330cc48 SHA1 (patch-ab) = d35025df83e70d129f9fbcd277652b0eea83b026 diff --git a/lang/python25/patches/patch-CVE-2012-0845 b/lang/python25/patches/patch-CVE-2012-0845 new file mode 100644 index 00000000000..e086a0b233e --- /dev/null +++ b/lang/python25/patches/patch-CVE-2012-0845 @@ -0,0 +1,18 @@ +$NetBSD: patch-CVE-2012-0845,v 1.1 2012/02/15 16:08:26 drochner Exp $ + +see python bug #14001 + +--- Lib/SimpleXMLRPCServer.py.orig 2009-04-05 21:34:15.000000000 +0000 ++++ Lib/SimpleXMLRPCServer.py +@@ -459,7 +459,10 @@ class SimpleXMLRPCRequestHandler(BaseHTT + L = [] + while size_remaining: + chunk_size = min(size_remaining, max_chunk_size) +- L.append(self.rfile.read(chunk_size)) ++ chunk = self.rfile.read(chunk_size) ++ if not chunk: ++ break ++ L.append(chunk) + size_remaining -= len(L[-1]) + data = ''.join(L) + |