- CVE-2014-1912-recvfrom_into.patch: fix potential buffer overflow

in socket.recvfrom_into (CVE-2014-1912, bnc#863741) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=161
2014-02-13 16:49:05 +00:00
parent 765b7c8fe4
commit 11f0210274
5 changed files with 65 additions and 0 deletions
--- a/python-base.spec
+++ b/python-base.spec
@@ -60,6 +60,8 @@ Patch28:        smtplib_maxline-2.7.patch
 Patch29:        python-2.7.6-poplib.patch
 # [bnc#857470] add missing import to bdist_rpm command
 Patch30:        python-2.7.6-bdist-rpm.patch
+# CVE-2014-1912 [bnc#863741] buffer overflow in recvfrom_into
+Patch31:        CVE-2014-1912-recvfrom_into.patch
 # COMMON-PATCH-END
 %define         python_version    %(echo %{tarversion} | head -c 3)
 BuildRequires:  automake
@@ -159,6 +161,7 @@ other applications.
 %patch28 -p1
 %patch29 -p1
 %patch30 -p1
+%patch31 -p1

 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac