diff --git a/CVE-2019-5010-null-defer-x509-cert-DOS.patch b/CVE-2019-5010-null-defer-x509-cert-DOS.patch
deleted file mode 100644
index fbd32d7..0000000
--- a/CVE-2019-5010-null-defer-x509-cert-DOS.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From a37f52436f9aa4b9292878b72f3ff1480e2606c3 Mon Sep 17 00:00:00 2001
-From: Christian Heimes
-Date: Tue, 15 Jan 2019 23:47:42 +0100
-Subject: [PATCH] bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
-
-Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
-distribution points with empty DP or URI correctly. A malicious or buggy
-certificate can result into segfault.
-
-Signed-off-by: Christian Heimes
-
-
-
-https://bugs.python.org/issue35746
----
- Lib/test/talos-2019-0758.pem | 22 +++++++++++++++++++
- Lib/test/test_ssl.py | 22 +++++++++++++++++++
- .../2019-01-15-18-16-05.bpo-35746.nMSd0j.rst | 3 +++
- Modules/_ssl.c | 4 ++++
- 4 files changed, 51 insertions(+)
- create mode 100644 Lib/test/talos-2019-0758.pem
- create mode 100644 Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
-
---- a/Lib/test/test_ssl.py
-+++ b/Lib/test/test_ssl.py
-@@ -470,6 +470,27 @@ class BasicSocketTests(unittest.TestCase
- }
- )
-
-+ def test_parse_cert_CVE_2019_5010(self):
-+ p = ssl._ssl._test_decode_cert(TALOS_INVALID_CRLDP)
-+ if support.verbose:
-+ sys.stdout.write("\n" + pprint.pformat(p) + "\n")
-+ self.assertEqual(
-+ p,
-+ {
-+ 'issuer': (
-+ (('countryName', 'UK'),), (('commonName', 'cody-ca'),)),
-+ 'notAfter': 'Jun 14 18:00:58 2028 GMT',
-+ 'notBefore': 'Jun 18 18:00:58 2018 GMT',
-+ 'serialNumber': '02',
-+ 'subject': ((('countryName', 'UK'),),
-+ (('commonName',
-+ 'codenomicon-vm-2.test.lal.cisco.com'),)),
-+ 'subjectAltName': (
-+ ('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),),
-+ 'version': 3
-+ }
-+ )
-+
- def test_parse_cert_CVE_2013_4238(self):
- p = ssl._ssl._test_decode_cert(NULLBYTECERT)
- if support.verbose:
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
-@@ -0,0 +1,3 @@
-+[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
-+not handle CRL distribution points with empty DP or URI correctly. A
-+malicious or buggy certificate can result into segfault.
diff --git a/no-skipif-doctests.patch b/no-skipif-doctests.patch
index 1ef110a..62758d3 100644
--- a/no-skipif-doctests.patch
+++ b/no-skipif-doctests.patch
@@ -179,7 +179,7 @@ unchanged: >>> turtle.pos() (440.00,-0.00) @@ -665,7 +643,6 @@ Tell Turtle's state - orientation which depends on the mode - "standard"/"world" or "logo"). + orientation which depends on the mode - "standard"/"world" or "logo". .. doctest:: - :skipif: _tkinter is None
@@ -267,7 +267,7 @@ unchanged: >>> turtle.penup() >>> turtle.isdown() @@ -917,7 +884,6 @@ Color control - newly set pencolor. + newly set pencolor. .. doctest:: - :skipif: _tkinter is None
@@ -275,7 +275,7 @@ unchanged: >>> colormode() 1.0 @@ -966,7 +932,6 @@ Color control - with the newly set fillcolor. + with the newly set fillcolor. .. doctest:: - :skipif: _tkinter is None
@@ -283,7 +283,7 @@ unchanged: >>> turtle.fillcolor("violet") >>> turtle.fillcolor() @@ -1005,7 +970,6 @@ Color control - with the newly set colors. + with the newly set colors. .. doctest:: - :skipif: _tkinter is None
@@ -347,7 +347,7 @@ unchanged: >>> turtle.shape() 'classic' @@ -1195,7 +1152,6 @@ Appearance - resizemode("user") is called by :func:`shapesize` when used with arguments. + ``resizemode("user")`` is called by :func:`shapesize` when used with arguments. .. doctest:: - :skipif: _tkinter is None
@@ -563,7 +563,7 @@ unchanged: >>> def f(): ... fd(50) @@ -1824,7 +1754,6 @@ Using screen events - named turtle: + named ``turtle``: .. doctest:: - :skipif: _tkinter is None
diff --git a/python39.changes b/python39.changes
index 5cd8e93..b9deab1 100644
--- a/python39.changes
+++ b/python39.changes
@@ -13,6 +13,7 @@ Fri Feb 19 16:58:38 UTC 2021 - Matej Cepl
 - CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
 - bsc1167501-invalid-alignment.patch
 - skip_random_failing_tests.patch
+ - CVE-2019-5010-null-defer-x509-cert-DOS.patch
 -------------------------------------------------------------------
 Tue Feb 9 01:37:59 UTC 2021 - Steve Kowalik
diff --git a/python39.spec b/python39.spec
index f5c8a51..769e4ce 100644
--- a/python39.spec
+++ b/python39.spec
@@ -127,13 +127,7 @@ Patch08: python-3.3.0b1-fix_date_time_compiler.patch
 Patch09: python-3.3.0b1-test-posix_fadvise.patch
 # Raise timeout value for test_subprocess
 Patch15: subprocess-raise-timeout.patch
-# skip some tests only for PowerPC
-Patch23: skip_random_failing_tests.patch
 Patch25: python3-imp-returntype.patch
-# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191 mcepl@suse.com
-# https://github.com/python/cpython/pull/11569
-# Fix segfault in ssl's cert parser
-Patch27: CVE-2019-5010-null-defer-x509-cert-DOS.patch
 # PATCH-FEATURE-UPSTREAM bpo-31046_ensurepip_honours_prefix.patch bpo#31046 mcepl@suse.com
 # ensurepip should honour the value of $(prefix)
 Patch29: bpo-31046_ensurepip_honours_prefix.patch
@@ -381,16 +375,12 @@ other applications.
 %patch08 -p1
 %patch09 -p1
 %patch15 -p1
-# %%ifarch ppc ppc64 ppc64le
-# %%patch23 -p1
-# %%endif
 %patch25 -p1
-%patch27 -p1
 %patch29 -p1
 %patch32 -p1
-%if 0%{?suse_version} <= 1500
+# %%if 0%%{?suse_version} <= 1500
 %patch33 -p1
-%endif
+# %%endif
 # drop Autoconf version requirement
 sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
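Review bot: In the %prep hunk the `%if 0%{?suse_version} <= 1500` / `%endif` guard around `%patch33 -p1` is turned into the comments `# %%if 0%%{?suse_version} <= 1500` and `# %%endif` instead of being deleted, so patch33 now applies on every suse_version while the disabled guard lingers as dead text next to the already commented-out `# %%ifarch ppc` block for patch23; either drop those commented lines or say why the guard was disabled, e.g. `# patch33 applied unconditionally: <reason>`. The same gap is in the first spec hunk, where the Patch27 definition for CVE-2019-5010-null-defer-x509-cert-DOS.patch disappears with no note — presumably because bpo-35746 landed upstream before 3.9 (the deleted patch file cites GH-11569), but a one-line comment or changelog wording stating that would let a reader confirm the package is not losing a security fix rather than just dropping a patch. Also, skip_random_failing_tests.patch is dereferenced here but, unlike the CVE patch, its file is not deleted in this diff; if no other reference remains it can be removed from the package too.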