diff options
| author | drochner <drochner@pkgsrc.org> | 2014-10-27 20:11:34 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2014-10-27 20:11:34 +0000 |
| commit | ced451ce953e854d605ecbaa06dbedcf1c6ed6b8 (patch) | |
| tree | 6ac729418d3b6e0c48c98cf1689c5b311837973e /lang | |
| parent | f8fd30c34e69a0664a51a325a2ba170fe6f0aecb (diff) | |
| download | pkgsrc-ced451ce953e854d605ecbaa06dbedcf1c6ed6b8.tar.gz | |
apply patch from upstream to fix possible overflow in "buffer"
object accesses (CVE-2014-7185)
bump PKGREV
Diffstat (limited to 'lang')
| -rw-r--r-- | lang/python26/Makefile | 4 | ||||
| -rw-r--r-- | lang/python26/distinfo | 3 | ||||
| -rw-r--r-- | lang/python26/patches/patch-CVE-2014-7185 | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/lang/python26/Makefile b/lang/python26/Makefile index bfe31246d09..f8e02a7ca80 100644 --- a/lang/python26/Makefile +++ b/lang/python26/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.63 2014/04/13 14:56:56 bsiegert Exp $ +# $NetBSD: Makefile,v 1.64 2014/10/27 20:11:34 drochner Exp $ .include "dist.mk" -PKGREVISION= 3 +PKGREVISION= 4 PKGNAME= python26-${PY_DISTVERSION} CATEGORIES= lang python diff --git a/lang/python26/distinfo b/lang/python26/distinfo index c42d19b690c..7e8f64b471a 100644 --- a/lang/python26/distinfo +++ b/lang/python26/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.59 2014/05/21 00:35:50 obache Exp $ +$NetBSD: distinfo,v 1.60 2014/10/27 20:11:34 drochner Exp $ SHA1 (Python-2.6.9.tar.xz) = 2fc159946dfcceffbe4a8638de32d0cd8059c2f8 RMD160 (Python-2.6.9.tar.xz) = 42edf7c9f2f64b77ab173de30ea453257c2c06b3 Size (Python-2.6.9.tar.xz) = 9333664 bytes +SHA1 (patch-CVE-2014-7185) = 768199954b166474ab471e34afc9238fd7125ce8 SHA1 (patch-Lib_distutils_unixccompiler.py) = 1ce01fbe2d36cf0c7ce347c878cfe2d290ec8490 SHA1 (patch-Mac_Modules_fm___Fmmodule.c) = b9314bccb51b4fe672b81559068f7a79d2965f94 SHA1 (patch-Mac_Modules_qd___Qdmodule.c) = 45c748b15b9436d45ba137460389638aa7108c8d diff --git a/lang/python26/patches/patch-CVE-2014-7185 b/lang/python26/patches/patch-CVE-2014-7185 new file mode 100644 index 00000000000..d46e7b06ad6 --- /dev/null +++ b/lang/python26/patches/patch-CVE-2014-7185 @@ -0,0 +1,15 @@ +$NetBSD: patch-CVE-2014-7185,v 1.1 2014/10/27 20:11:34 drochner Exp $ + +http://bugs.python.org/issue21831 + +--- Objects/bufferobject.c.orig 2014-10-27 19:46:40.000000000 +0000 ++++ Objects/bufferobject.c +@@ -88,7 +88,7 @@ get_buf(PyBufferObject *self, void **ptr + *size = count; + else + *size = self->b_size; +- if (offset + *size > count) ++ if (*size > count - offset) + *size = count - offset; + } + return 1; |