diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2014-06-09 19:07:20 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2014-06-09 19:07:31 +0200 |
commit | 5a98b9f5140578d8cbd4db8bddfe01e24249c2a9 (patch) | |
tree | ac2552b31325f3d262bd8728d7fd2e23db6ad5c8 /pkgs/development/interpreters/python | |
parent | 5e37c09f0664eb6583dbe30351cc3d21f1b4cadb (diff) | |
parent | e1a0d45d0046cc01388b98ab88cfe39b2f38fb88 (diff) | |
download | nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.tar nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.tar.gz nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.tar.bz2 nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.tar.lz nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.tar.xz nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.tar.zst nixlib-5a98b9f5140578d8cbd4db8bddfe01e24249c2a9.zip |
Merge recent master into p/stdenv
Merged just before the pypi update, as it seems to cause problems on Hydra.
Diffstat (limited to 'pkgs/development/interpreters/python')
-rw-r--r-- | pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch | 57 | ||||
-rw-r--r-- | pkgs/development/interpreters/python/2.7/default.nix | 8 |
2 files changed, 2 insertions, 63 deletions
diff --git a/pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch b/pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch deleted file mode 100644 index 95399bf76073..000000000000 --- a/pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch +++ /dev/null @@ -1,57 +0,0 @@ -# Edited from Mercurial patch: deleted the NEWS hunk, since it didn't apply cleanly. -# It added the following line to NEWS: -# - Issue #20246: Fix buffer overflow in socket.recvfrom_into. - -# HG changeset patch -# User Benjamin Peterson <benjamin@python.org> -# Date 1389671978 18000 -# Node ID 87673659d8f7ba1623cd4914f09ad3d2ade034e9 -# Parent 2631d33ee7fbd5f0288931ef37872218d511d2e8 -complain when nbytes > buflen to fix possible buffer overflow (closes #20246) - -diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py ---- a/Lib/test/test_socket.py -+++ b/Lib/test/test_socket.py -@@ -1620,6 +1620,16 @@ class BufferIOTest(SocketConnectedTest): - - _testRecvFromIntoMemoryview = _testRecvFromIntoArray - -+ def testRecvFromIntoSmallBuffer(self): -+ # See issue #20246. -+ buf = bytearray(8) -+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024) -+ -+ def _testRecvFromIntoSmallBuffer(self): -+ with test_support.check_py3k_warnings(): -+ buf = buffer(MSG*2048) -+ self.serv_conn.send(buf) -+ - - TIPC_STYPE = 2000 - TIPC_LOWER = 200 -diff --git a/Misc/ACKS b/Misc/ACKS ---- a/Misc/ACKS -+++ b/Misc/ACKS -@@ -979,6 +979,7 @@ Eric V. Smith - Christopher Smith - Gregory P. Smith - Roy Smith -+Ryan Smith-Roberts - Rafal Smotrzyk - Dirk Soede - Paul Sokolovsky -diff --git a/Misc/NEWS b/Misc/NEWS ---- a/Modules/socketmodule.c -+++ b/Modules/socketmodule.c -@@ -2742,6 +2742,10 @@ sock_recvfrom_into(PySocketSockObject *s - if (recvlen == 0) { - /* If nbytes was not specified, use the buffer's length */ - recvlen = buflen; -+ } else if (recvlen > buflen) { -+ PyErr_SetString(PyExc_ValueError, -+ "nbytes is greater than the length of the buffer"); -+ goto error; - } - - readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); - diff --git a/pkgs/development/interpreters/python/2.7/default.nix b/pkgs/development/interpreters/python/2.7/default.nix index 9b7fcf14b572..523587d38c88 100644 --- a/pkgs/development/interpreters/python/2.7/default.nix +++ b/pkgs/development/interpreters/python/2.7/default.nix @@ -8,11 +8,11 @@ with stdenv.lib; let majorVersion = "2.7"; - version = "${majorVersion}.6"; + version = "${majorVersion}.7"; src = fetchurl { url = "http://www.python.org/ftp/python/${version}/Python-${version}.tar.xz"; - sha256 = "18gnpyh071dxa0rv3silrz92jw9qpblswzwv4gzqcwxzz20qxmhz"; + sha256 = "0y6s12rdi89k24p8zarhy9fqmyy459yg0d125c7cac4v136y70r9"; }; patches = @@ -28,10 +28,6 @@ let # patch python to put zero timestamp into pyc # if DETERMINISTIC_BUILD env var is set ./deterministic-build.patch - - # See http://bugs.python.org/issue20246 - # This will be fixed in 2.7.7. - ./CVE-2014-1912.patch ]; postPatch = stdenv.lib.optionalString (stdenv.gcc.libc != null) '' |