[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang/python31
Module Name: pkgsrc
Committed By: obache
Date: Sat Apr 14 11:22:07 UTC 2012
pkgsrc/lang/python31: Makefile dist.mk distinfo
Update python31 to 3.1.5.
(CVE-2012-0845 is already fixed in pkgsrc)
What's New in Python 3.1.5?
*Release date: 2012-04-08*
Core and Builtins
- Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
environment variable, to provide an opt-in way to protect against denial of
service attacks due to hash collisions within the dict and set types. Patch
by David Malcolm, based on work by Victor Stinner.
- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
table internal to the pyexpat module's copy of the expat library to avoid a
denial of service due to hash collisions. Patch by David Malcolm with some
modifications by the expat project.
- Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
SimpleXMLRPCServer upon malformed POST request.
- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
IV attack countermeasure.
- Issue #11603: Fix a crash when __str__ is rebound as __repr__. Patch by
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/python31/Makefile
cvs rdiff -u -r184.108.40.206 -r1.2 pkgsrc/lang/python31/dist.mk
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/python31/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/lang/python31/patches/patch-CVE-2012-0845
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Main Index |
Thread Index |