[pkgsrc/trunk]: pkgsrc/lang/python27/patches lang/python27: Add comments to p...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang/python27/patches lang/python27: Add comments to p...
From: mgorny <mgorny%pkgsrc.org@localhost>
Date: Sun, 20 Sep 2020 13:16:13 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/22ba36bfa600
branches:  trunk
changeset: 439535:22ba36bfa600
user:      mgorny <mgorny%pkgsrc.org@localhost>
date:      Sun Sep 20 12:10:27 2020 +0000

description:
lang/python27: Add comments to patches

Add comments explaining bugs fixed and patch source to patches.
Requested by Leonardo Taccari.

diffstat:

 lang/python27/patches/patch-Lib_httplib.py            |  7 ++++++-
 lang/python27/patches/patch-Lib_tarfile.py            |  7 ++++++-
 lang/python27/patches/patch-Lib_test_test__httplib.py |  7 ++++++-
 lang/python27/patches/patch-Lib_test_test__urllib2.py |  7 ++++++-
 lang/python27/patches/patch-Lib_urllib2.py            |  7 ++++++-
 5 files changed, 30 insertions(+), 5 deletions(-)

diffs (70 lines):

diff -r 3e11969da6cd -r 22ba36bfa600 lang/python27/patches/patch-Lib_httplib.py
--- a/lang/python27/patches/patch-Lib_httplib.py        Sun Sep 20 11:25:51 2020 +0000
+++ b/lang/python27/patches/patch-Lib_httplib.py        Sun Sep 20 12:10:27 2020 +0000
@@ -1,4 +1,9 @@
-$NetBSD: patch-Lib_httplib.py,v 1.1 2020/09/20 11:06:23 mgorny Exp $
+$NetBSD: patch-Lib_httplib.py,v 1.2 2020/09/20 12:10:27 mgorny Exp $
+
+bpo-39603 (no CVE): header injection via HTTP method
+
+taken from:
+https://gitweb.gentoo.org/fork/cpython.git/commit/?h=gentoo-2.7-vanilla&id=138e2caeb4827ccfd1eaff2cf63afb79dfeeb3c4
 
 --- Lib/httplib.py.orig        2020-04-19 21:13:39.000000000 +0000
 +++ Lib/httplib.py
diff -r 3e11969da6cd -r 22ba36bfa600 lang/python27/patches/patch-Lib_tarfile.py
--- a/lang/python27/patches/patch-Lib_tarfile.py        Sun Sep 20 11:25:51 2020 +0000
+++ b/lang/python27/patches/patch-Lib_tarfile.py        Sun Sep 20 12:10:27 2020 +0000
@@ -1,4 +1,9 @@
-$NetBSD: patch-Lib_tarfile.py,v 1.1 2020/09/20 11:06:23 mgorny Exp $
+$NetBSD: patch-Lib_tarfile.py,v 1.2 2020/09/20 12:10:27 mgorny Exp $
+
+bpo-39017 (CVE-2019-20907): infinite loop in tarfile.py
+
+taken from:
+https://gitweb.gentoo.org/fork/cpython.git/commit/?h=gentoo-2.7-vanilla&id=893e6e3aee483d262df70656a68f63f601720fcd
 
 --- Lib/tarfile.py.orig        2020-04-19 21:13:39.000000000 +0000
 +++ Lib/tarfile.py
diff -r 3e11969da6cd -r 22ba36bfa600 lang/python27/patches/patch-Lib_test_test__httplib.py
--- a/lang/python27/patches/patch-Lib_test_test__httplib.py     Sun Sep 20 11:25:51 2020 +0000
+++ b/lang/python27/patches/patch-Lib_test_test__httplib.py     Sun Sep 20 12:10:27 2020 +0000
@@ -1,4 +1,9 @@
-$NetBSD: patch-Lib_test_test__httplib.py,v 1.1 2020/09/20 11:06:23 mgorny Exp $
+$NetBSD: patch-Lib_test_test__httplib.py,v 1.2 2020/09/20 12:10:27 mgorny Exp $
+
+bpo-39603 (no CVE): header injection via HTTP method
+
+taken from:
+https://gitweb.gentoo.org/fork/cpython.git/commit/?h=gentoo-2.7-vanilla&id=138e2caeb4827ccfd1eaff2cf63afb79dfeeb3c4
 
 --- Lib/test/test_httplib.py.orig      2020-04-19 21:13:39.000000000 +0000
 +++ Lib/test/test_httplib.py
diff -r 3e11969da6cd -r 22ba36bfa600 lang/python27/patches/patch-Lib_test_test__urllib2.py
--- a/lang/python27/patches/patch-Lib_test_test__urllib2.py     Sun Sep 20 11:25:51 2020 +0000
+++ b/lang/python27/patches/patch-Lib_test_test__urllib2.py     Sun Sep 20 12:10:27 2020 +0000
@@ -1,4 +1,9 @@
-$NetBSD: patch-Lib_test_test__urllib2.py,v 1.1 2020/09/20 11:06:23 mgorny Exp $
+$NetBSD: patch-Lib_test_test__urllib2.py,v 1.2 2020/09/20 12:10:27 mgorny Exp $
+
+bpo-39503 (CVE-2020-8492): ReDoS on AbstractBasicAuthHandler
+
+taken from:
+https://gitweb.gentoo.org/fork/cpython.git/commit/?h=gentoo-2.7-vanilla&id=2273e65e11dd0234f2f51ebaef61fc6e848d4059
 
 --- Lib/test/test_urllib2.py.orig      2020-04-19 21:13:39.000000000 +0000
 +++ Lib/test/test_urllib2.py
diff -r 3e11969da6cd -r 22ba36bfa600 lang/python27/patches/patch-Lib_urllib2.py
--- a/lang/python27/patches/patch-Lib_urllib2.py        Sun Sep 20 11:25:51 2020 +0000
+++ b/lang/python27/patches/patch-Lib_urllib2.py        Sun Sep 20 12:10:27 2020 +0000
@@ -1,4 +1,9 @@
-$NetBSD: patch-Lib_urllib2.py,v 1.1 2020/09/20 11:06:23 mgorny Exp $
+$NetBSD: patch-Lib_urllib2.py,v 1.2 2020/09/20 12:10:27 mgorny Exp $
+
+bpo-39503 (CVE-2020-8492): ReDoS on AbstractBasicAuthHandler
+
+taken from:
+https://gitweb.gentoo.org/fork/cpython.git/commit/?h=gentoo-2.7-vanilla&id=2273e65e11dd0234f2f51ebaef61fc6e848d4059
 
 --- Lib/urllib2.py.orig        2020-04-19 21:13:39.000000000 +0000
 +++ Lib/urllib2.py

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated pkgtools/pkg_notify to 0.4.8
Next by Date: [pkgsrc/trunk]: pkgsrc/lang/python27 lang/python27: Fix patch checksums
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated pkgtools/pkg_notify to 0.4.8
Next by Thread: [pkgsrc/trunk]: pkgsrc/lang/python27 lang/python27: Fix patch checksums
Indexes:

Home | Main Index | Thread Index | Old Index