authorNatanael Copa <ncopa@alpinelinux.org>2014-02-24 15:27:57 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2014-02-24 15:35:51 +0000
commita893bba9afcb00456c7f08afa6142bdc6ce8f835 (patch)
treecdd68d823abadc59a51832f3d358741e745c8d6e /main/python
parent410ec3afdcfabbb618255727d873681d54cb2da2 (diff)
downloadaports-a893bba9afcb00456c7f08afa6142bdc6ce8f835.tar.bz2
aports-a893bba9afcb00456c7f08afa6142bdc6ce8f835.tar.xz
main/python: security fix for CVE-2014-1912
fixes #2711
Diffstat (limited to 'main/python')
-rw-r--r--main/python/APKBUILD8
-rw-r--r--main/python/recvfrom_into_buffer_overflow_2.7.patch17
2 files changed, 21 insertions, 4 deletions
diff --git a/main/python/APKBUILD b/main/python/APKBUILD
index 6f9841387a..5b280590a1 100644
--- a/main/python/APKBUILD
+++ b/main/python/APKBUILD
@@ -2,7 +2,7 @@
pkgname=python
pkgver=2.7.5
_verbase=${pkgver%.*}
-pkgrel=0
+pkgrel=1
pkgdesc="A high-level scripting language"
url="http://www.python.org"
arch="all"
@@ -15,6 +15,7 @@ depends=""
makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev
gdbm-dev sqlite-dev libffi-dev readline-dev"
source="http://www.$pkgname.org/ftp/$pkgname/$pkgver/Python-$pkgver.tar.bz2
+ recvfrom_into_buffer_overflow_2.7.patch
"
prepare() {
@@ -75,6 +76,5 @@ gdbm() {
_mv_files $(find usr/lib -name '*gdbm*')
}
-md5sums="6334b666b7ff2038c761d7b27ba699c1 Python-2.7.5.tar.bz2"
-sha256sums="3b477554864e616a041ee4d7cef9849751770bc7c39adaf78a94ea145c488059 Python-2.7.5.tar.bz2"
-sha512sums="e0080a380cc280575efb8ec065f99a1ab6f0ac0528c9bb5688414b1d6bb3f42645d8257557764049cefe40f40a0cd7afca1094099ecbf15b7a97757e3dd45492 Python-2.7.5.tar.bz2"
+md5sums="6334b666b7ff2038c761d7b27ba699c1 Python-2.7.5.tar.bz2
+9bfbe06cf0752d5906992bb1e09198ca recvfrom_into_buffer_overflow_2.7.patch"
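Review bot: The new checksum block keeps only `md5sums` and drops the `sha256sums` and `sha512sums` lines, so after this change both the Python tarball and the security patch are verified with MD5 alone. The tarball in `source` is fetched over plain `http://`, so the checksum is the only integrity control on that download, and MD5 is not collision resistant. Regenerate the stronger arrays as well, for example with `abuild checksum`, so that `sha256sums` and `sha512sums` each list both `Python-2.7.5.tar.bz2` and `recvfrom_into_buffer_overflow_2.7.patch`.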
diff --git a/main/python/recvfrom_into_buffer_overflow_2.7.patch b/main/python/recvfrom_into_buffer_overflow_2.7.patch
new file mode 100644
index 0000000000..37e786bd3a
--- /dev/null
+++ b/main/python/recvfrom_into_buffer_overflow_2.7.patch
@@ -0,0 +1,17 @@
+diff -r 40fb60df4755 Modules/socketmodule.c
+--- a/Modules/socketmodule.c Sun Jan 12 12:11:47 2014 +0200
++++ b/Modules/socketmodule.c Mon Jan 13 16:36:35 2014 -0800
+@@ -2744,6 +2744,13 @@
+ recvlen = buflen;
+ }
+
++ /* Check if the buffer is large enough */
++ if (buflen < recvlen) {
++ PyErr_SetString(PyExc_ValueError,
++ "buffer too small for requested bytes");
++ goto error;
++ }
++
+ readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);
+ if (readlen < 0) {
+ /* Return an error */
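Review bot: The added patch file begins directly at the `diff -r 40fb60df4755` line and has no header saying which advisory it addresses or where it came from, so a later maintainer cannot tell from the file when it is safe to drop. Add a short preamble above the diff, for example `CVE-2014-1912: reject nbytes larger than the buffer in socket.recvfrom_into(); remove once pkgver includes the upstream fix`, plus the upstream reference if it is known. The guarded function starts and ends outside the lines shown, so the `error` label that the new `goto` targets cannot be confirmed from this hunk.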