pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2005Q3]: pkgsrc/lang Pullup ticket 895 - requested by Adrian P...
details: https://anonhg.NetBSD.org/pkgsrc/rev/c1be7ce211ef
branches: pkgsrc-2005Q3
changeset: 499664:c1be7ce211ef
user: salo <salo%pkgsrc.org@localhost>
date: Sat Nov 05 15:47:36 2005 +0000
description:
Pullup ticket 895 - requested by Adrian Portelli
security fix for python21
Revisions pulled up:
- pkgsrc/lang/python21/Makefile 1.24
- pkgsrc/lang/python21/distinfo 1.20
- pkgsrc/lang/python21/patches/patch-bd 1.1
- pkgsrc/lang/python21/patches/patch-be 1.1
- pkgsrc/lang/python21/patches/patch-bf 1.1
- pkgsrc/lang/python21-pth/Makefile 1.17
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Nov 1 21:48:32 UTC 2005
Modified Files:
pkgsrc/lang/python21-pth: Makefile
Log Message:
nb bump for security fix
---
Module Name: pkgsrc
Committed By: adrianp
Date: Tue Nov 1 21:49:31 UTC 2005
Modified Files:
pkgsrc/lang/python21: Makefile distinfo
Added Files:
pkgsrc/lang/python21/patches: patch-bd patch-be patch-bf
Log Message:
Bump to nb8 for PCRE security issue
diffstat:
lang/python21-pth/Makefile | 4 +-
lang/python21/Makefile | 4 +-
lang/python21/distinfo | 5 ++-
lang/python21/patches/patch-bd | 12 ++++++
lang/python21/patches/patch-be | 19 ++++++++++
lang/python21/patches/patch-bf | 73 ++++++++++++++++++++++++++++++++++++++++++
6 files changed, 112 insertions(+), 5 deletions(-)
diffs (162 lines):
diff -r 287695405ada -r c1be7ce211ef lang/python21-pth/Makefile
--- a/lang/python21-pth/Makefile Sat Nov 05 15:28:30 2005 +0000
+++ b/lang/python21-pth/Makefile Sat Nov 05 15:47:36 2005 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.16 2005/04/11 21:46:15 tv Exp $
+# $NetBSD: Makefile,v 1.16.4.1 2005/11/05 15:47:36 salo Exp $
#
DISTNAME= Python-2.1.3
PKGNAME= python21-pth-2.1.3
-PKGREVISION= 6
+PKGREVISION= 7
CATEGORIES= lang python
MASTER_SITES= # empty
DISTFILES= # empty
diff -r 287695405ada -r c1be7ce211ef lang/python21/Makefile
--- a/lang/python21/Makefile Sat Nov 05 15:28:30 2005 +0000
+++ b/lang/python21/Makefile Sat Nov 05 15:47:36 2005 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.23 2005/05/29 11:18:35 minskim Exp $
+# $NetBSD: Makefile,v 1.23.4.1 2005/11/05 15:47:36 salo Exp $
#
DISTNAME= Python-2.1.3
PKGNAME= python21-2.1.3
-PKGREVISION= 7
+PKGREVISION= 8
CATEGORIES= lang python
MASTER_SITES= ftp://ftp.python.org/pub/python/2.1.3/
EXTRACT_SUFX= .tgz
diff -r 287695405ada -r c1be7ce211ef lang/python21/distinfo
--- a/lang/python21/distinfo Sat Nov 05 15:28:30 2005 +0000
+++ b/lang/python21/distinfo Sat Nov 05 15:47:36 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.19 2005/05/29 11:07:49 minskim Exp $
+$NetBSD: distinfo,v 1.19.4.1 2005/11/05 15:47:36 salo Exp $
SHA1 (Python-2.1.3.tgz) = 7042a5c5fd60d334c0ac227885d68a4c305713b4
RMD160 (Python-2.1.3.tgz) = d7216480cf884507d97bf7932767871977fc1ccc
@@ -14,3 +14,6 @@
SHA1 (patch-aj) = ca232f769b57f617496f5c8701a0a32fe55f1fd9
SHA1 (patch-bb) = 81780dd270791238687e57fb2969abe3547ea79d
SHA1 (patch-bc) = 6761f59c7403b76420970288dc89330c094f7b2c
+SHA1 (patch-bd) = 1fcff14864fbd52f350f63bec57e2952a4715ca4
+SHA1 (patch-be) = e1e5675e8b1059bd7836f8f23382a8305382a91b
+SHA1 (patch-bf) = 5a4f05c563d46c66485780c8dd8badac624c4f49
diff -r 287695405ada -r c1be7ce211ef lang/python21/patches/patch-bd
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/python21/patches/patch-bd Sat Nov 05 15:47:36 2005 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-bd,v 1.1.2.2 2005/11/05 15:47:36 salo Exp $
+
+--- Modules/pcre.h.orig 2000-06-28 21:56:30.000000000 +0100
++++ Modules/pcre.h
+@@ -40,6 +40,7 @@ extern "C" {
+ #ifdef FOR_PYTHON
+ #define PCRE_LOCALE 0x0200
+ #endif
++#define PCRE_NO_AUTO_CAPTURE 0x1000
+
+ /* Exec-time error codes */
+
diff -r 287695405ada -r c1be7ce211ef lang/python21/patches/patch-be
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/python21/patches/patch-be Sat Nov 05 15:47:36 2005 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-be,v 1.1.2.2 2005/11/05 15:47:36 salo Exp $
+
+--- Modules/pcre-int.h.orig 1998-05-07 16:32:38.000000000 +0100
++++ Modules/pcre-int.h
+@@ -81,11 +81,12 @@ only some permitted at run or study time
+ #define PUBLIC_OPTIONS \
+ (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \
+ PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY| \
+- PCRE_LOCALE)
++ PCRE_NO_AUTO_CAPTURE|PCRE_LOCALE)
+ #else
+ #define PUBLIC_OPTIONS \
+ (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \
+- PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY)
++ PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY| \
++ PCRE_NO_AUTO_CAPTURE)
+ #endif
+ #define PUBLIC_EXEC_OPTIONS \
+ (PCRE_CASELESS|PCRE_ANCHORED|PCRE_MULTILINE|PCRE_NOTBOL|PCRE_NOTEOL| \
diff -r 287695405ada -r c1be7ce211ef lang/python21/patches/patch-bf
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/python21/patches/patch-bf Sat Nov 05 15:47:36 2005 +0000
@@ -0,0 +1,73 @@
+$NetBSD: patch-bf,v 1.1.2.2 2005/11/05 15:47:36 salo Exp $
+
+--- Modules/pypcre.c.orig 2000-08-02 14:41:18.000000000 +0100
++++ Modules/pypcre.c
+@@ -1162,14 +1162,31 @@ read_repeat_counts(const uschar *p, int
+ int min = 0;
+ int max = -1;
+
++/* Read the minimum value and do a paranoid check: a negative value indicates
++an integer overflow. */
++
+ while ((pcre_ctypes[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';
+
++if (min < 0 || min > 65535)
++ {
++ *errorptr = ERR5;
++ return p;
++ }
++
++/* Read the maximum value if there is one, and again do a paranoid on its size
++. Also, max must not be less than min. */
++
+ if (*p == '}') max = min; else
+ {
+ if (*(++p) != '}')
+ {
+ max = 0;
+ while((pcre_ctypes[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';
++ if (max < 0 || max > 65535)
++ {
++ *errorptr = ERR5;
++ return p;
++ }
+ if (max < min)
+ {
+ *errorptr = ERR4;
+@@ -2266,6 +2283,7 @@ int c, size;
+ int bracount = 0;
+ int brastack[200];
+ int top_backref = 0;
++BOOL capturing;
+ unsigned int brastackptr = 0;
+ uschar *code;
+ const uschar *ptr;
+@@ -2445,7 +2463,8 @@ while ((c = *(++ptr)) != 0)
+ /* Brackets may be genuine groups or special things */
+
+ case '(':
+-
++ capturing = FALSE;
++
+ /* Handle special forms of bracket, which all start (? */
+
+ if (ptr[1] == '?') switch (c = ptr[2])
+@@ -2541,11 +2560,16 @@ while ((c = *(++ptr)) != 0)
+ }
+ continue; /* End of this bracket handling */
+ }
++
++ /* Ordinary parentheses, not followed by '?', are capturing unless
++ PCRE_NO_AUTO_CAPTURE is set. */
+
++ else capturing = (options & PCRE_NO_AUTO_CAPTURE) == 0;
++
+ /* Extracting brackets must be counted so we can process escapes in a
+ Perlish way. */
+-
+- else bracount++;
++
++ if (capturing) bracount++;
+
+ /* Non-special forms of bracket. Save length for computing whole length
+ at end if there's a repeat that requires duplication of the group. */
Home |
Main Index |
Thread Index |
Old Index