diff options
| author | Martin Wilke <miwi@FreeBSD.org> | 2012-02-18 17:53:53 +0000 |
|---|---|---|
| committer | Martin Wilke <miwi@FreeBSD.org> | 2012-02-18 17:53:53 +0000 |
| commit | c70027929c625a6c7a644180cb76d4bdfcf68a9c (patch) | |
| tree | f1b6b8247bd5625e6389d008814bb35ab4ac68e1 /lang/python31 | |
| parent | A RESTful web framework with strong compile-time guarantees of correctness. (diff) | |
- Mark Python as Secure
- Fix DoS via malformed XML-RPC / HTTP POST
Submitted by: rm@
Reported by: many
Obtained from: python hg
Security: http://www.vuxml.org/freebsd/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html
Notes
Notes:
svn path=/head/; revision=291731
Diffstat (limited to 'lang/python31')
| -rw-r--r-- | lang/python31/Makefile | 2 | ||||
| -rw-r--r-- | lang/python31/files/patch-CVE-2012-0845 | 15 | ||||
| -rw-r--r-- | lang/python31/pr-patch | 23 |
3 files changed, 39 insertions, 1 deletions
diff --git a/lang/python31/Makefile b/lang/python31/Makefile index f4b9260ca7f1..22935d91857c 100644 --- a/lang/python31/Makefile +++ b/lang/python31/Makefile @@ -7,7 +7,7 @@ PORTNAME= python31 PORTVERSION= 3.1.4 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= lang python ipv6 MASTER_SITES= ${PYTHON_MASTER_SITES} MASTER_SITE_SUBDIR= ${PYTHON_MASTER_SITE_SUBDIR} diff --git a/lang/python31/files/patch-CVE-2012-0845 b/lang/python31/files/patch-CVE-2012-0845 new file mode 100644 index 000000000000..9a381c22e345 --- /dev/null +++ b/lang/python31/files/patch-CVE-2012-0845 @@ -0,0 +1,15 @@ +diff --git a/Lib/xmlrpc/server.py b/Lib/xmlrpc/server.py +--- Lib/xmlrpc/server.py ++++ Lib/xmlrpc/server.py +@@ -476,7 +476,10 @@ + L = [] + while size_remaining: + chunk_size = min(size_remaining, max_chunk_size) +- L.append(self.rfile.read(chunk_size)) ++ chunk = self.rfile.read(chunk_size) ++ if not chunk: ++ break ++ L.append(chunk) + size_remaining -= len(L[-1]) + data = b''.join(L) + diff --git a/lang/python31/pr-patch b/lang/python31/pr-patch new file mode 100644 index 000000000000..7f8e8b5c286b --- /dev/null +++ b/lang/python31/pr-patch @@ -0,0 +1,23 @@ + +--- python31ppc.diff begins here --- +Index: files/patch-Modules-_ctypes-libffi-src-powerpc-ffitarget.h +=================================================================== +RCS file: files/patch-Modules-_ctypes-libffi-src-powerpc-ffitarget.h +diff -N files/patch-Modules-_ctypes-libffi-src-powerpc-ffitarget.h +--- /dev/null 1 Jan 1970 00:00:00 -0000 ++++ files/patch-Modules-_ctypes-libffi-src-powerpc-ffitarget.h 17 Nov 2011 05:09:15 -0000 +@@ -0,0 +1,11 @@ ++--- Modules/_ctypes/libffi/src/powerpc/ffitarget.h.orig 2011-11-16 20:32:42.000000000 -0800 +++++ Modules/_ctypes/libffi/src/powerpc/ffitarget.h 2011-11-16 20:33:23.000000000 -0800 ++@@ -78,6 +78,8 @@ ++ FFI_SYSV, ++ FFI_GCC_SYSV, ++ FFI_LINUX64, +++ FFI_LINUX, +++ FFI_LINUX_SOFT_FLOAT, ++ FFI_DEFAULT_ABI = FFI_SYSV, ++ #endif ++ +--- python31ppc.diff ends here --- + + |