From 25ab1f448efbe2bedbf0ebce9eca8d5c154fad56 Mon Sep 17 00:00:00 2001
From: Leonardo Arena <rnalrd@alpinelinux.org>
Date: Wed, 22 Aug 2018 13:23:25 +0000
Subject: main/python2: security upgrade to 2.7.15 (CVE-2018-1060,
 CVE-2018-1061)

Fixes #9269
---
 main/python2/APKBUILD | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'main/python2')

diff --git a/main/python2/APKBUILD b/main/python2/APKBUILD
index eae2a0d211..3a00819e2e 100644
--- a/main/python2/APKBUILD
+++ b/main/python2/APKBUILD
@@ -2,7 +2,7 @@
 
 pkgname=python2
 # the python2-tkinter's pkgver needs to be synchronized with this.
-pkgver=2.7.14
+pkgver=2.7.15
 _verbase=${pkgver%.*}
 pkgrel=2
 pkgdesc="A high-level scripting language"
@@ -20,6 +20,11 @@ source="http://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
 	unchecked-ioctl.patch"
 builddir="$srcdir/Python-$pkgver"
 
+# secfixes
+#   2.7.15-r0:
+#     - CVE-2018-1060
+#     - CVE-2018-1061
+
 prepare() {
 	default_prepare
 
@@ -119,6 +124,6 @@ gdbm() {
 	_mv_files $(find usr/lib -name '*gdbm*')
 }
 
-sha512sums="78310b0be6388ffa15f29a80afb9ab3c03a572cb094e9da00cfe391afadb51696e41f592eb658d6a31a2f422fdac8a55214a382cbb8cfb43d4a127d5b35ea7f9  Python-2.7.14.tar.xz
+sha512sums="27ea43eb45fc68f3d2469d5f07636e10801dee11635a430ec8ec922ed790bb426b072da94df885e4dfa1ea8b7a24f2f56dd92f9b0f51e162330f161216bd6de6  Python-2.7.15.tar.xz
 ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2  musl-find_library.patch
 5a8e013a4132d71c4360771f130d27b37275ae59330cf9a75378dc8a11236017f540eb224f2a148984e82ca3fb6b29129375b1080ba05b81044faa717520ab82  unchecked-ioctl.patch"
-- 
cgit v1.2.3