pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/lang/python33 Update to 3.3.6.
details: https://anonhg.NetBSD.org/pkgsrc/rev/60cee7cbbe87
branches: trunk
changeset: 643933:60cee7cbbe87
user: he <he%pkgsrc.org@localhost>
date: Thu Jan 01 21:39:45 2015 +0000
description:
Update to 3.3.6.
Python 3.3.6 was released on October 11, 2014.
Python 3.3.6 includes fixes for a few of our previously added patches,
as well as other important security-related fixes. Local changes:
rename the configure patch, remove now-included patches.
Upstream list of changes for this version:
Core and Builtins
-----------------
- Issue #22518: Fixed integer overflow issues in "backslashreplace",
"xmlcharrefreplace", and "surrogatepass" error handlers.
- Issue #22520: Fix overflow checking when generating the repr of a unicode
object.
- Issue #22519: Fix overflow checking in PyBytes_Repr.
- Issue #22518: Fix integer overflow issues in latin-1 encoding.
Library
-------
- Issue #22517: When a io.BufferedRWPair object is deallocated, clear its
weakrefs.
- Issue #22419: Limit the length of incoming HTTP request in wsgiref server to
65536 bytes and send a 414 error code for higher lengths. Patch contributed
by Devin Cook.
- Lax cookie parsing in http.cookies could be a security issue when combined
with non-standard cookie handling in some Web browsers. Reported by
Sergey Bobrov.
- Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths
before checking for a CGI script at that path.
- Fix arbitrary memory access in JSONDecoder.raw_decode with a negative second
parameter. Bug reported by Guido Vranken.
- Issue #20633: Replace relative import by absolute import.
- Issue #21082: In os.makedirs, do not set the process-wide umask. Note this
changes behavior of makedirs when exist_ok=True.
- Issue #20875: Prevent possible gzip "'read' is not defined" NameError.
Patch by Claudiu Popa.
- Issue #11599: When an external command (e.g. compiler) fails, distutils now
prints out the whole command line (instead of just the command name) if the
environment variable DISTUTILS_DEBUG is set.
- Issue #4931: distutils should not produce unhelpful "error: None" messages
anymore. distutils.util.grok_environment_error is kept but doc-deprecated.
- Issue #20283: RE pattern methods now accept the string keyword parameters
as documented. The pattern and source keyword parameters are left as
deprecated aliases.
- Issue #21323: Fix http.server to again handle scripts in CGI subdirectories,
broken by the fix for security issue #19435. Patch by Zach Byrne.
Tests
-----
- Issue #17752: Fix distutils tests when run from the installed location.
- Issue #20946: Correct alignment assumptions of some ctypes tests.
- Issue #20939: Fix test_geturl failure in test_urllibnet due to
new redirect of http://www.python.org/ to https://www.python.org.
diffstat:
lang/python33/Makefile | 3 +-
lang/python33/dist.mk | 4 +-
lang/python33/distinfo | 18 +-
lang/python33/patches/patch-Lib_http_server.py | 16 --
lang/python33/patches/patch-Lib_os.py | 57 -------
lang/python33/patches/patch-Lib_test_test__httpservers.py | 19 --
lang/python33/patches/patch-Misc_NEWS | 16 --
lang/python33/patches/patch-al | 103 --------------
lang/python33/patches/patch-an | 4 +-
lang/python33/patches/patch-aw | 4 +-
lang/python33/patches/patch-configure | 98 +++++++++++++
11 files changed, 114 insertions(+), 228 deletions(-)
diffs (truncated from 414 to 300 lines):
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/Makefile
--- a/lang/python33/Makefile Thu Jan 01 21:05:13 2015 +0000
+++ b/lang/python33/Makefile Thu Jan 01 21:39:45 2015 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.26 2014/07/02 12:53:52 he Exp $
+# $NetBSD: Makefile,v 1.27 2015/01/01 21:39:45 he Exp $
.include "dist.mk"
PKGNAME= python33-${PY_DISTVERSION}
-PKGREVISION= 4
CATEGORIES= lang python
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/dist.mk
--- a/lang/python33/dist.mk Thu Jan 01 21:05:13 2015 +0000
+++ b/lang/python33/dist.mk Thu Jan 01 21:39:45 2015 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: dist.mk,v 1.5 2014/03/12 10:39:43 wiz Exp $
+# $NetBSD: dist.mk,v 1.6 2015/01/01 21:39:45 he Exp $
-PY_DISTVERSION= 3.3.5
+PY_DISTVERSION= 3.3.6
DISTNAME= Python-${PY_DISTVERSION}
EXTRACT_SUFX= .tar.xz
DISTINFO_FILE= ${.CURDIR}/../../lang/python33/distinfo
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/distinfo
--- a/lang/python33/distinfo Thu Jan 01 21:05:13 2015 +0000
+++ b/lang/python33/distinfo Thu Jan 01 21:39:45 2015 +0000
@@ -1,22 +1,18 @@
-$NetBSD: distinfo,v 1.18 2014/07/02 12:53:52 he Exp $
+$NetBSD: distinfo,v 1.19 2015/01/01 21:39:45 he Exp $
-SHA1 (Python-3.3.5.tar.xz) = 6683b26dd2cfd23af852abfcf1aedf25bbd44839
-RMD160 (Python-3.3.5.tar.xz) = 77398ecd76824983ad92c859f633e26675bacb4b
-Size (Python-3.3.5.tar.xz) = 12116308 bytes
+SHA1 (Python-3.3.6.tar.xz) = 0a86ae9e877467a62faed7ece208c0d6899b0991
+RMD160 (Python-3.3.6.tar.xz) = e45909eedf3648408ef8b34775ab24654181d9bd
+Size (Python-3.3.6.tar.xz) = 12116460 bytes
SHA1 (patch-Include_pyport.h) = 73bdd4bd4a4bfb11b163c3ccb3bb70bde4decc04
SHA1 (patch-Lib_distutils_unixccompiler.py) = 39cb8d1e1e3e76e2b6b5dbc1a6b5e0815300b2ce
-SHA1 (patch-Lib_http_server.py) = de8ef2c7765ad941fb2ccb124d533237b06bb583
-SHA1 (patch-Lib_os.py) = 6e6024a8451158f571e97cb3f2b515e315720a33
-SHA1 (patch-Lib_test_test__httpservers.py) = d7b0eb5b44e72fcead4a1091fc0757aa86bafe20
-SHA1 (patch-Misc_NEWS) = e345b0e87dc7ac2e3b8f40d02a8bedd0b55b4225
SHA1 (patch-aa) = 99ebcbbfc53b855a32b424dec27012e1e969c3d0
SHA1 (patch-ab) = 1c0a25bf7ec6ee76e84c799619ec7cd8910f16e1
SHA1 (patch-ah) = bb43aaab260935a5a0d5e7ce1ccc30f4832cab1d
-SHA1 (patch-al) = e5438d1bbc20cc85521b3570710846cf4a070ae1
SHA1 (patch-am) = ae28f14398c08f114c6b11f528a9e5eda90f003b
-SHA1 (patch-an) = 933acde107b735931d26ace4eef251000b9f07ba
+SHA1 (patch-an) = f497bc50789c957ee93b3e91f65cb8cd4f236d9b
SHA1 (patch-au) = c892f1004eb32e9608f93c08ec6f94e16bdca182
SHA1 (patch-av) = 9b44f339f65f029b7f17dbc654739a7ae3c12780
-SHA1 (patch-aw) = 598e4710c426110012048946786a6d72f050e0fc
+SHA1 (patch-aw) = c47387f377faad6b12d688ae5d56fec1298fcce7
+SHA1 (patch-configure) = 92981c99065149f59a1ec9089117c0481f702800
SHA1 (patch-pyconfig.h.in) = 7ebc0ed9ca9a37c5a6c8e04cc3f7fca4a5c90e8c
SHA1 (patch-xa) = fb81eaa604b4ed7c1b64c3f4731d58a8aee257be
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/patches/patch-Lib_http_server.py
--- a/lang/python33/patches/patch-Lib_http_server.py Thu Jan 01 21:05:13 2015 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-Lib_http_server.py,v 1.1 2014/07/02 12:53:52 he Exp $
-
-Fix for directory traversal vulnerability, ref.
-http://bugs.python.org/issue21766
-
---- Lib/http/server.py.orig 2014-03-09 08:40:10.000000000 +0000
-+++ Lib/http/server.py
-@@ -971,7 +971,7 @@ class CGIHTTPRequestHandler(SimpleHTTPRe
- (and the next character is a '/' or the end of the string).
-
- """
-- collapsed_path = _url_collapse_path(self.path)
-+ collapsed_path = _url_collapse_path(urllib.parse.unquote(self.path))
- dir_sep = collapsed_path.find('/', 1)
- head, tail = collapsed_path[:dir_sep], collapsed_path[dir_sep+1:]
- if head in self.cgi_directories:
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/patches/patch-Lib_os.py
--- a/lang/python33/patches/patch-Lib_os.py Thu Jan 01 21:05:13 2015 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,57 +0,0 @@
-$NetBSD: patch-Lib_os.py,v 1.1 2014/05/15 12:33:10 wiz Exp $
-
-Fix CVE-2014-2667 based on upstream:
-http://hg.python.org/cpython/rev/6370d44013f7
-
---- Lib/os.py.orig 2014-03-09 08:40:12.000000000 +0000
-+++ Lib/os.py
-@@ -230,23 +230,16 @@ SEEK_SET = 0
- SEEK_CUR = 1
- SEEK_END = 2
-
--
--def _get_masked_mode(mode):
-- mask = umask(0)
-- umask(mask)
-- return mode & ~mask
--
- # Super directory utilities.
- # (Inspired by Eric Raymond; the doc strings are mostly his)
-
- def makedirs(name, mode=0o777, exist_ok=False):
- """makedirs(path [, mode=0o777][, exist_ok=False])
-
-- Super-mkdir; create a leaf directory and all intermediate ones.
-- Works like mkdir, except that any intermediate path segment (not
-- just the rightmost) will be created if it does not exist. If the
-- target directory with the same mode as we specified already exists,
-- raises an OSError if exist_ok is False, otherwise no exception is
-+ Super-mkdir; create a leaf directory and all intermediate ones. Works like
-+ mkdir, except that any intermediate path segment (not just the rightmost)
-+ will be created if it does not exist. If the target directory already
-+ exists, raise an OSError if exist_ok is False. Otherwise no exception is
- raised. This is recursive.
-
- """
-@@ -268,20 +261,7 @@ def makedirs(name, mode=0o777, exist_ok=
- try:
- mkdir(name, mode)
- except OSError as e:
-- dir_exists = path.isdir(name)
-- expected_mode = _get_masked_mode(mode)
-- if dir_exists:
-- # S_ISGID is automatically copied by the OS from parent to child
-- # directories on mkdir. Don't consider it being set to be a mode
-- # mismatch as mkdir does not unset it when not specified in mode.
-- actual_mode = st.S_IMODE(lstat(name).st_mode) & ~st.S_ISGID
-- else:
-- actual_mode = -1
-- if not (e.errno == errno.EEXIST and exist_ok and dir_exists and
-- actual_mode == expected_mode):
-- if dir_exists and actual_mode != expected_mode:
-- e.strerror += ' (mode %o != expected mode %o)' % (
-- actual_mode, expected_mode)
-+ if not exist_ok or e.errno != errno.EEXIST or not path.isdir(name):
- raise
-
- def removedirs(name):
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/patches/patch-Lib_test_test__httpservers.py
--- a/lang/python33/patches/patch-Lib_test_test__httpservers.py Thu Jan 01 21:05:13 2015 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,19 +0,0 @@
-$NetBSD: patch-Lib_test_test__httpservers.py,v 1.1 2014/07/02 12:53:52 he Exp $
-
-Add test for fix for directory traversal vulnerability, ref.
-http://bugs.python.org/issue21766
-
---- Lib/test/test_httpservers.py.orig 2014-03-09 08:40:17.000000000 +0000
-+++ Lib/test/test_httpservers.py
-@@ -464,6 +464,11 @@ class CGIHTTPServerTestCase(BaseTestCase
- (res.read(), res.getheader('Content-type'), res.status))
- self.assertEqual(os.environ['SERVER_SOFTWARE'], signature)
-
-+ def test_urlquote_decoding_in_cgi_check(self):
-+ res = self.request('/cgi-bin%2ffile1.py')
-+ self.assertEqual((b'Hello World\n', 'text/html', 200),
-+ (res.read(), res.getheader('Content-type'), res.status))
-+
-
- class SocketlessRequestHandler(SimpleHTTPRequestHandler):
- def __init__(self):
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/patches/patch-Misc_NEWS
--- a/lang/python33/patches/patch-Misc_NEWS Thu Jan 01 21:05:13 2015 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-Misc_NEWS,v 1.1 2014/07/02 12:53:52 he Exp $
-
-Note fix for directory traversal vulnerability is included.
-
---- Misc/NEWS.orig 2014-03-09 08:40:23.000000000 +0000
-+++ Misc/NEWS
-@@ -30,6 +30,9 @@ Core and Builtins
- Library
- -------
-
-+- Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths
-+ before checking for a CGI script at that path.
-+
- - Issue #20778: Fix modulefinder to work with bytecode-only modules.
-
- - Issue #20791: copy.copy() now doesn't make a copy when the input is
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/patches/patch-al
--- a/lang/python33/patches/patch-al Thu Jan 01 21:05:13 2015 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,103 +0,0 @@
-$NetBSD: patch-al,v 1.2 2013/05/26 17:56:09 wiz Exp $
-
---- configure.orig 2013-05-15 16:33:00.000000000 +0000
-+++ configure
-@@ -3332,7 +3332,7 @@ case $ac_sys_system/$ac_sys_release in
- # Reconfirmed for OpenBSD 3.3 by Zachary Hamm, for 3.4 by Jason Ish.
- # In addition, Stefan Krah confirms that issue #1244610 exists through
- # OpenBSD 4.6, but is fixed in 4.7.
-- OpenBSD/2.* | OpenBSD/3.* | OpenBSD/4.[0123456])
-+ OpenBSD/2.* | OpenBSD/3.* | OpenBSD/4.[0123456] | MirBSD/*)
- define_xopen_source=no
- # OpenBSD undoes our definition of __BSD_VISIBLE if _XOPEN_SOURCE is
- # also defined. This can be overridden by defining _BSD_SOURCE
-@@ -5594,15 +5594,10 @@ $as_echo "#define Py_ENABLE_SHARED 1" >>
- PY3LIBRARY=libpython3.so
- fi
- ;;
-- Linux*|GNU*|NetBSD*|FreeBSD*|DragonFly*|OpenBSD*)
-+ Linux*|GNU*|NetBSD*|FreeBSD*|Interix*|DragonFly*|OpenBSD*|MirBSD*)
- LDLIBRARY='libpython$(LDVERSION).so'
- BLDLIBRARY='-L. -lpython$(LDVERSION)'
- RUNSHARED=LD_LIBRARY_PATH=`pwd`:${LD_LIBRARY_PATH}
-- case $ac_sys_system in
-- FreeBSD*)
-- SOVERSION=`echo $SOVERSION|cut -d "." -f 1`
-- ;;
-- esac
- INSTSONAME="$LDLIBRARY".$SOVERSION
- if test "$with_pydebug" != yes
- then
-@@ -8465,8 +8460,8 @@ then
- LDCXXSHARED="$LDCXXSHARED "'$(PYTHONFRAMEWORKPREFIX)/$(PYTHONFRAMEWORKDIR)/Versions/$(VERSION)/$(PYTHONFRAMEWORK)'
- else
- # No framework, use the Python app as bundle-loader
-- BLDSHARED="$LDSHARED "'-bundle_loader $(BUILDPYTHON)'
-- LDSHARED="$LDSHARED "'-bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
-+ BLDSHARED="$LDSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BUILDPYTHON)'
-+ LDSHARED="$LDSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
- LDCXXSHARED="$LDCXXSHARED "'-bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
- fi ;;
- Darwin/*)
-@@ -8491,9 +8486,9 @@ then
- LDCXXSHARED="$LDCXXSHARED "'$(PYTHONFRAMEWORKPREFIX)/$(PYTHONFRAMEWORKDIR)/Versions/$(VERSION)/$(PYTHONFRAMEWORK)'
- else
- # No framework, use the Python app as bundle-loader
-- BLDSHARED="$LDSHARED "'-bundle_loader $(BUILDPYTHON)'
-- LDSHARED="$LDSHARED "'-bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
-- LDCXXSHARED="$LDCXXSHARED "'-bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
-+ BLDSHARED="$LDSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BUILDPYTHON)'
-+ LDSHARED="$LDSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
-+ LDCXXSHARED="$LDCXXSHARED "'-flat_namespace -undefined suppress -bundle_loader $(BINDIR)/python$(VERSION)$(EXE)'
- fi
- fi
- ;;
-@@ -8527,9 +8522,15 @@ then
- ;;
- esac
- fi;;
-+ MirBSD*)
-+ LDSHARED='$(CC) -shared $(CCSHARED)'
-+ LDCXXSHARED='$(CXX) -shared $(CCSHARED)';;
- NetBSD*|DragonFly*)
- LDSHARED='$(CC) -shared'
- LDCXXSHARED='$(CXX) -shared';;
-+ Interix*) # XXX tv need image-base hack
-+ LDSHARED='$(CC) -shared'
-+ LDCXXSHARED='$(CXX) -shared';;
- OpenUNIX*|UnixWare*)
- if test "$GCC" = "yes" ; then
- LDSHARED='$(CC) -shared'
-@@ -8570,7 +8571,8 @@ then
- fi;;
- Linux*|GNU*) CCSHARED="-fPIC";;
- BSD/OS*/4*) CCSHARED="-fpic";;
-- FreeBSD*|NetBSD*|OpenBSD*|DragonFly*) CCSHARED="-fPIC";;
-+ FreeBSD*|NetBSD*|OpenBSD*|MirBSD*|DragonFly*) CCSHARED="-fPIC";;
-+ Interix*) CCSHARED="";;
- OpenUNIX*|UnixWare*)
- if test "$GCC" = "yes"
- then CCSHARED="-fPIC"
-@@ -8613,11 +8615,12 @@ then
- OpenUNIX*|UnixWare*) LINKFORSHARED="-Wl,-Bexport";;
- SCO_SV*) LINKFORSHARED="-Wl,-Bexport";;
- ReliantUNIX*) LINKFORSHARED="-W1 -Blargedynsym";;
-- FreeBSD*|NetBSD*|OpenBSD*|DragonFly*)
-+ FreeBSD*|NetBSD*|OpenBSD*|MirBSD*|DragonFly*)
- if [ "`$CC -dM -E - </dev/null | grep __ELF__`" != "" ]
- then
- LINKFORSHARED="-Wl,--export-dynamic"
- fi;;
-+ Interix*) LINKFORSHARED="-Wl,-E";;
- SunOS/5*) case $CC in
- *gcc*)
- if $CC -Xlinker --help 2>&1 | grep export-dynamic >/dev/null
-@@ -13707,8 +13710,6 @@ $as_echo "$SOABI" >&6; }
-
-
- case $ac_sys_system in
-- Linux*|GNU*)
-- EXT_SUFFIX=.${SOABI}${SHLIB_SUFFIX};;
- *)
- EXT_SUFFIX=${SHLIB_SUFFIX};;
- esac
diff -r b443417dbed0 -r 60cee7cbbe87 lang/python33/patches/patch-an
--- a/lang/python33/patches/patch-an Thu Jan 01 21:05:13 2015 +0000
+++ b/lang/python33/patches/patch-an Thu Jan 01 21:39:45 2015 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-an,v 1.1 2012/12/10 03:15:49 tsarna Exp $
+$NetBSD: patch-an,v 1.2 2015/01/01 21:39:45 he Exp $
+
+Recognize and pass on -pthread arg.
--- Modules/makesetup.orig 2008-06-11 05:26:20.000000000 +0000
Home |
Main Index |
Thread Index |
Old Index