diff options
| author | Martin Wilke <miwi@FreeBSD.org> | 2012-02-18 17:53:53 +0000 |
|---|---|---|
| committer | Martin Wilke <miwi@FreeBSD.org> | 2012-02-18 17:53:53 +0000 |
| commit | c70027929c625a6c7a644180cb76d4bdfcf68a9c (patch) | |
| tree | f1b6b8247bd5625e6389d008814bb35ab4ac68e1 /lang/python25 | |
| parent | A RESTful web framework with strong compile-time guarantees of correctness. (diff) | |
- Mark Python as Secure
- Fix DoS via malformed XML-RPC / HTTP POST
Submitted by: rm@
Reported by: many
Obtained from: python hg
Security: http://www.vuxml.org/freebsd/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html
Notes
Notes:
svn path=/head/; revision=291731
Diffstat (limited to 'lang/python25')
| -rw-r--r-- | lang/python25/Makefile | 2 | ||||
| -rw-r--r-- | lang/python25/files/patch-CVE-2012-0845 | 14 |
2 files changed, 15 insertions, 1 deletions
diff --git a/lang/python25/Makefile b/lang/python25/Makefile index 6cf4d9f83670..d8d22f3e06f6 100644 --- a/lang/python25/Makefile +++ b/lang/python25/Makefile @@ -7,7 +7,7 @@ PORTNAME= python25 PORTVERSION= 2.5.6 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python25/files/patch-CVE-2012-0845 b/lang/python25/files/patch-CVE-2012-0845 new file mode 100644 index 000000000000..a205a7de0ea5 --- /dev/null +++ b/lang/python25/files/patch-CVE-2012-0845 @@ -0,0 +1,14 @@ +--- Lib/SimpleXMLRPCServer.py.orig 2011-06-11 19:46:23.000000000 +0400 ++++ Lib/SimpleXMLRPCServer.py 2012-02-15 12:50:23.000000000 +0400 +@@ -486,7 +486,10 @@ + L = [] + while size_remaining: + chunk_size = min(size_remaining, max_chunk_size) +- L.append(self.rfile.read(chunk_size)) ++ chunk = self.rfile.read(chunk_size) ++ if not chunk: ++ break ++ L.append(chunk) + size_remaining -= len(L[-1]) + data = ''.join(L) + |