- fixed a security flaw where malicious sites could redirect

Python application from http to a local file (CVE-2011-1521, bnc#682554) - fixed race condition in Makefile which randomly failed parallel builds ( http://bugs.python.org/issue10013 ) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=94
2011-05-02 16:07:07 +00:00
parent 238d8e6b32
commit ef4beb4804
4 changed files with 157 additions and 1 deletions
--- a/python-base.spec
+++ b/python-base.spec
@@ -53,6 +53,8 @@ Patch10:        urllib2-AbstractBasicAuthHandler_reset_attr.diff
 Patch11:        smtpd-dos.patch
 Patch12:        http://psf.upfronthosting.co.za/roundup/tracker/file19029/python-test_structmembers.patch
 Patch13:        python-fix_date_time_compiler.patch
+Patch14:        python-2.7-CVE-2011-1521-fileurl.patch
+Patch15:        python-2.7-fix-parallel-make.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %define         python_version    %(echo %{version} | head -c 3)
 Provides:       %{name} = %{python_version}
@@ -145,8 +147,10 @@ Authors:
 %patch9 -p1
 %patch10
 %patch11
-%patch12 -p0
+%patch12
 %patch13
+%patch14 -p1
+%patch15 -p1

 # some cleanup
 find . -name .cvsignore -type f -print0 | xargs -0 rm -f