diff options
author | Domen Kožar <domen@dev.si> | 2014-06-04 14:11:21 +0200 |
---|---|---|
committer | Domen Kožar <domen@dev.si> | 2014-06-04 16:18:36 +0200 |
commit | 73169b3a37e1875a3124f578591ddb33f7413f01 (patch) | |
tree | d1f11fbb81b7a0256d4cffb0cada4776ec1fcdb0 /pkgs/development/interpreters/python | |
parent | 638132b64cc6de3bfde9dccc79c4f64292a378dc (diff) | |
download | nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.tar nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.tar.gz nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.tar.bz2 nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.tar.lz nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.tar.xz nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.tar.zst nixlib-73169b3a37e1875a3124f578591ddb33f7413f01.zip |
python: 2.7.6 -> 2.7.7
Diffstat (limited to 'pkgs/development/interpreters/python')
-rw-r--r-- | pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch | 57 | ||||
-rw-r--r-- | pkgs/development/interpreters/python/2.7/default.nix | 8 |
2 files changed, 2 insertions, 63 deletions
diff --git a/pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch b/pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch deleted file mode 100644 index 95399bf76073..000000000000 --- a/pkgs/development/interpreters/python/2.7/CVE-2014-1912.patch +++ /dev/null @@ -1,57 +0,0 @@ -# Edited from Mercurial patch: deleted the NEWS hunk, since it didn't apply cleanly. -# It added the following line to NEWS: -# - Issue #20246: Fix buffer overflow in socket.recvfrom_into. - -# HG changeset patch -# User Benjamin Peterson <benjamin@python.org> -# Date 1389671978 18000 -# Node ID 87673659d8f7ba1623cd4914f09ad3d2ade034e9 -# Parent 2631d33ee7fbd5f0288931ef37872218d511d2e8 -complain when nbytes > buflen to fix possible buffer overflow (closes #20246) - -diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py ---- a/Lib/test/test_socket.py -+++ b/Lib/test/test_socket.py -@@ -1620,6 +1620,16 @@ class BufferIOTest(SocketConnectedTest): - - _testRecvFromIntoMemoryview = _testRecvFromIntoArray - -+ def testRecvFromIntoSmallBuffer(self): -+ # See issue #20246. -+ buf = bytearray(8) -+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024) -+ -+ def _testRecvFromIntoSmallBuffer(self): -+ with test_support.check_py3k_warnings(): -+ buf = buffer(MSG*2048) -+ self.serv_conn.send(buf) -+ - - TIPC_STYPE = 2000 - TIPC_LOWER = 200 -diff --git a/Misc/ACKS b/Misc/ACKS ---- a/Misc/ACKS -+++ b/Misc/ACKS -@@ -979,6 +979,7 @@ Eric V. Smith - Christopher Smith - Gregory P. Smith - Roy Smith -+Ryan Smith-Roberts - Rafal Smotrzyk - Dirk Soede - Paul Sokolovsky -diff --git a/Misc/NEWS b/Misc/NEWS ---- a/Modules/socketmodule.c -+++ b/Modules/socketmodule.c -@@ -2742,6 +2742,10 @@ sock_recvfrom_into(PySocketSockObject *s - if (recvlen == 0) { - /* If nbytes was not specified, use the buffer's length */ - recvlen = buflen; -+ } else if (recvlen > buflen) { -+ PyErr_SetString(PyExc_ValueError, -+ "nbytes is greater than the length of the buffer"); -+ goto error; - } - - readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); - diff --git a/pkgs/development/interpreters/python/2.7/default.nix b/pkgs/development/interpreters/python/2.7/default.nix index eeadc3c8cc7f..fc91e5a44937 100644 --- a/pkgs/development/interpreters/python/2.7/default.nix +++ b/pkgs/development/interpreters/python/2.7/default.nix @@ -8,11 +8,11 @@ with stdenv.lib; let majorVersion = "2.7"; - version = "${majorVersion}.6"; + version = "${majorVersion}.7"; src = fetchurl { url = "http://www.python.org/ftp/python/${version}/Python-${version}.tar.xz"; - sha256 = "18gnpyh071dxa0rv3silrz92jw9qpblswzwv4gzqcwxzz20qxmhz"; + sha256 = "0y6s12rdi89k24p8zarhy9fqmyy459yg0d125c7cac4v136y70r9"; }; patches = @@ -28,10 +28,6 @@ let # patch python to put zero timestamp into pyc # if DETERMINISTIC_BUILD env var is set ./deterministic-build.patch - - # See http://bugs.python.org/issue20246 - # This will be fixed in 2.7.7. - ./CVE-2014-1912.patch ]; postPatch = stdenv.lib.optionalString (stdenv.gcc.libc != null) '' |