summaryrefslogtreecommitdiff
path: root/lang/python26
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2014-10-27 20:11:34 +0000
committerdrochner <drochner@pkgsrc.org>2014-10-27 20:11:34 +0000
commitced451ce953e854d605ecbaa06dbedcf1c6ed6b8 (patch)
tree6ac729418d3b6e0c48c98cf1689c5b311837973e /lang/python26
parentf8fd30c34e69a0664a51a325a2ba170fe6f0aecb (diff)
downloadpkgsrc-ced451ce953e854d605ecbaa06dbedcf1c6ed6b8.tar.gz
apply patch from upstream to fix possible overflow in "buffer"
object accesses (CVE-2014-7185) bump PKGREV
Diffstat (limited to 'lang/python26')
-rw-r--r--lang/python26/Makefile4
-rw-r--r--lang/python26/distinfo3
-rw-r--r--lang/python26/patches/patch-CVE-2014-718515
3 files changed, 19 insertions, 3 deletions
diff --git a/lang/python26/Makefile b/lang/python26/Makefile
index bfe31246d09..f8e02a7ca80 100644
--- a/lang/python26/Makefile
+++ b/lang/python26/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.63 2014/04/13 14:56:56 bsiegert Exp $
+# $NetBSD: Makefile,v 1.64 2014/10/27 20:11:34 drochner Exp $
.include "dist.mk"
-PKGREVISION= 3
+PKGREVISION= 4
PKGNAME= python26-${PY_DISTVERSION}
CATEGORIES= lang python
diff --git a/lang/python26/distinfo b/lang/python26/distinfo
index c42d19b690c..7e8f64b471a 100644
--- a/lang/python26/distinfo
+++ b/lang/python26/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.59 2014/05/21 00:35:50 obache Exp $
+$NetBSD: distinfo,v 1.60 2014/10/27 20:11:34 drochner Exp $
SHA1 (Python-2.6.9.tar.xz) = 2fc159946dfcceffbe4a8638de32d0cd8059c2f8
RMD160 (Python-2.6.9.tar.xz) = 42edf7c9f2f64b77ab173de30ea453257c2c06b3
Size (Python-2.6.9.tar.xz) = 9333664 bytes
+SHA1 (patch-CVE-2014-7185) = 768199954b166474ab471e34afc9238fd7125ce8
SHA1 (patch-Lib_distutils_unixccompiler.py) = 1ce01fbe2d36cf0c7ce347c878cfe2d290ec8490
SHA1 (patch-Mac_Modules_fm___Fmmodule.c) = b9314bccb51b4fe672b81559068f7a79d2965f94
SHA1 (patch-Mac_Modules_qd___Qdmodule.c) = 45c748b15b9436d45ba137460389638aa7108c8d
diff --git a/lang/python26/patches/patch-CVE-2014-7185 b/lang/python26/patches/patch-CVE-2014-7185
new file mode 100644
index 00000000000..d46e7b06ad6
--- /dev/null
+++ b/lang/python26/patches/patch-CVE-2014-7185
@@ -0,0 +1,15 @@
+$NetBSD: patch-CVE-2014-7185,v 1.1 2014/10/27 20:11:34 drochner Exp $
+
+http://bugs.python.org/issue21831
+
+--- Objects/bufferobject.c.orig 2014-10-27 19:46:40.000000000 +0000
++++ Objects/bufferobject.c
+@@ -88,7 +88,7 @@ get_buf(PyBufferObject *self, void **ptr
+ *size = count;
+ else
+ *size = self->b_size;
+- if (offset + *size > count)
++ if (*size > count - offset)
+ *size = count - offset;
+ }
+ return 1;