pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/lang/python24

Module Name:    pkgsrc
Committed By:   obache
Date:           Sat Apr 23 08:53:53 UTC 2011

Modified Files:
        pkgsrc/lang/python24: Makefile PLIST.common distinfo
        pkgsrc/lang/python24/patches: patch-aq
Removed Files:
        pkgsrc/lang/python24/patches: patch-au patch-ba patch-bb patch-bc
            patch-bd patch-be patch-bf patch-bg patch-bh patch-bi patch-bj
            patch-bk patch-bl patch-bm

Log Message:
Update python24 to 2.4.6.

What's New in Python 2.4.6?

*Release date: 19-Dec-2008*

What's New in Python 2.4.6c1?

*Release date: 13-Dec-2008*

Core and builtins

- Issue #4469: Prevent expandtabs() on string and unicode
  objects from causing a segfault when a large width is passed
  on 32-bit platforms. CVE-2008-5031.

- Issue #4317: Fixed a crash in the imageop.rgb2rgb8() function.

- Issue #4230: Fix a crash when a class has a custom __getattr__ and an
  __getattribute__ method that deletes the __getattr__ attribute.

- Apply security patches from Apple. CVE-2008-2315.

- Issue #2620: Overflow checking when allocating or reallocating memory
  was not always being done properly in some python types and extension
  modules.  PyMem_MALLOC, PyMem_REALLOC, PyMem_NEW and PyMem_RESIZE have
  all been updated to perform better checks and places in the code that
  would previously leak memory on the error path when such an allocation
  failed have been fixed.

- Issue #1179: Fix CVE-2007-4965 and CVE-2008-1679, multiple integer
  overflows in the imageop and rgbimgmodule modules.

- Issue #2586: Fix CVE-2008-1721, zlib crash from
  zlib.decompressobj().flush(val) when val is not positive.

- Issues #2588, #2589: Fix potential integer underflow and overflow
  conditions in the PyOS_vsnprintf C API function. CVE-2008-3144.

- Issue #2587: In the C API, PyString_FromStringAndSize() takes a signed size
  parameter but was not verifying that it was greater than zero.  Values
  less than zero will now raise a SystemError and return NULL to indicate a
  bug in the calling C code. CVE-2008-1887.

- Security Issue #2: imageop did not validate arguments correctly and could
  segfault as a result. CVE-2008-4864.

Extension Modules





- Tools/faqwiz/ Fix unsecure use of temporary files.

To generate a diff of this commit:
cvs rdiff -u -r1.55 -r1.56 pkgsrc/lang/python24/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/lang/python24/PLIST.common
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/python24/
cvs rdiff -u -r1.33 -r1.34 pkgsrc/lang/python24/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/python24/patches/patch-aq
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/python24/patches/patch-au \
    pkgsrc/lang/python24/patches/patch-ba \
    pkgsrc/lang/python24/patches/patch-bb \
    pkgsrc/lang/python24/patches/patch-bc \
    pkgsrc/lang/python24/patches/patch-bd \
    pkgsrc/lang/python24/patches/patch-be \
    pkgsrc/lang/python24/patches/patch-bf \
    pkgsrc/lang/python24/patches/patch-bg \
    pkgsrc/lang/python24/patches/patch-bh \
    pkgsrc/lang/python24/patches/patch-bi \
    pkgsrc/lang/python24/patches/patch-bj \
    pkgsrc/lang/python24/patches/patch-bk \
    pkgsrc/lang/python24/patches/patch-bl \

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index