diff options
| author | drochner <drochner@pkgsrc.org> | 2012-02-15 12:21:40 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2012-02-15 12:21:40 +0000 |
| commit | 4173e7d3307e96beb8122ec2c5da6ea9e0fdf842 (patch) | |
| tree | e6808f7009a529056f14fd0b88328d4d88300183 /lang/python26 | |
| parent | 84ac718b17dc18dcb83fc57120d805f15d9cb7a2 (diff) | |
| download | pkgsrc-4173e7d3307e96beb8122ec2c5da6ea9e0fdf842.tar.gz | |
add patch from Python issue#14001 to fix xmlrpc server endless loop
by malformed request
bump PKGREV
Diffstat (limited to 'lang/python26')
| -rw-r--r-- | lang/python26/Makefile | 4 | ||||
| -rw-r--r-- | lang/python26/distinfo | 3 | ||||
| -rw-r--r-- | lang/python26/patches/patch-CVE-2012-0845 | 18 |
3 files changed, 22 insertions, 3 deletions
diff --git a/lang/python26/Makefile b/lang/python26/Makefile index c742f5255a3..da3a735ce7e 100644 --- a/lang/python26/Makefile +++ b/lang/python26/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.44 2012/01/18 14:00:10 adam Exp $ +# $NetBSD: Makefile,v 1.45 2012/02/15 12:21:40 drochner Exp $ .include "dist.mk" PKGNAME= python26-${PY_DISTVERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= lang python MAINTAINER= pkgsrc-users@NetBSD.org diff --git a/lang/python26/distinfo b/lang/python26/distinfo index 4b6810de6c4..ea69bb1cbe6 100644 --- a/lang/python26/distinfo +++ b/lang/python26/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.42 2011/12/16 17:04:18 hans Exp $ +$NetBSD: distinfo,v 1.43 2012/02/15 12:21:40 drochner Exp $ SHA1 (Python-2.6.7.tar.bz2) = 5d35eb746e85fb3deaff8518448137c9b9fb6daa RMD160 (Python-2.6.7.tar.bz2) = 513e84a7cb76ca876e3803bb03ed558bd0378063 Size (Python-2.6.7.tar.bz2) = 11084667 bytes +SHA1 (patch-CVE-2012-0845) = 1c0a8d7224b6b5cb65b24d38ac0967f8f8fb2da9 SHA1 (patch-Mac_Modules_fm___Fmmodule.c) = b9314bccb51b4fe672b81559068f7a79d2965f94 SHA1 (patch-Mac_Modules_qd___Qdmodule.c) = 45c748b15b9436d45ba137460389638aa7108c8d SHA1 (patch-Mac_Modules_qdoffs___Qdoffsmodule.c) = 9994f0c1a908f18f1f3df3f05b184f082c018365 diff --git a/lang/python26/patches/patch-CVE-2012-0845 b/lang/python26/patches/patch-CVE-2012-0845 new file mode 100644 index 00000000000..dd6f32cd8f6 --- /dev/null +++ b/lang/python26/patches/patch-CVE-2012-0845 @@ -0,0 +1,18 @@ +$NetBSD: patch-CVE-2012-0845,v 1.1 2012/02/15 12:21:40 drochner Exp $ + +see python bug #14001 + +--- Lib/SimpleXMLRPCServer.py.orig 2009-04-05 21:34:15.000000000 +0000 ++++ Lib/SimpleXMLRPCServer.py +@@ -459,7 +459,10 @@ class SimpleXMLRPCRequestHandler(BaseHTT + L = [] + while size_remaining: + chunk_size = min(size_remaining, max_chunk_size) +- L.append(self.rfile.read(chunk_size)) ++ chunk = self.rfile.read(chunk_size) ++ if not chunk: ++ break ++ L.append(chunk) + size_remaining -= len(L[-1]) + data = ''.join(L) + |