
- update to 2.7.3rc2

* fixes several security issues:
  * CVE-2012-0845, bnc#747125
  * CVE-2012-1150, bnc#751718
  * CVE-2011-4944, bnc#754447
  * CVE-2011-3389
- fix for insecure .pypirc (CVE-2011-4944, bnc#754447)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=114
Jan Matejek 2012-03-28 18:27:24 +00:00 committed by Git OBS Bridge
parent e5cda42487
commit a2b3f5f125
10 changed files with 143 additions and 96 deletions


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5057eb067eb5b5a6040dbd0e889e06550bde9ec041dadaa855ee9490034cbdab
size 11754834

3
Python-2.7.3rc2.tar.bz2 Normal file

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:752759ea956bfc4e9638753f68e9a2c96a40677053a4d6720f1a476a984f7bbe
size 11801113

30
pypirc-secure.diff Normal file

@ -0,0 +1,30 @@
# HG changeset patch
# User Philip Jenvey <pjenvey@underboss.org>
# Date 1322701507 28800
# Branch 2.7
# Node ID e7c20a8476a0e2ca18f8040864cbc400818d8f24
# Parent 3ecddf168f1f554a17a047384fe0b02f2d688277
create the .pypirc securely
diff -r 3ecddf168f1f -r e7c20a8476a0 Lib/distutils/config.py
--- a/Lib/distutils/config.py Tue Nov 29 00:53:09 2011 +0100
+++ b/Lib/distutils/config.py Wed Nov 30 17:05:07 2011 -0800
@@ -42,16 +42,8 @@
def _store_pypirc(self, username, password):
"""Creates a default .pypirc file."""
rc = self._get_rc_file()
- f = open(rc, 'w')
- try:
- f.write(DEFAULT_PYPIRC % (username, password))
- finally:
- f.close()
- try:
- os.chmod(rc, 0600)
- except OSError:
- # should do something better here
- pass
+ with os.fdopen(os.open(rc, os.O_CREAT | os.O_WRONLY, 0600), 'w') as fp:
+ fp.write(DEFAULT_PYPIRC % (username, password))
def _read_pypirc(self):
"""Reads the .pypirc file."""
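Review bot: The added `os.open(rc, os.O_CREAT | os.O_WRONLY, 0600)` in `_store_pypirc` applies mode 0600 only when the call creates the file. If a `.pypirc` already exists with wider permissions, they are left unchanged, whereas the removed code at least attempted `os.chmod(rc, 0600)` afterwards. The flags also omit `os.O_TRUNC`, which the old `open(rc, 'w')` implied, so rewriting a longer existing file would leave stale bytes (possibly an old credential) after the new content. I would open with `os.open(rc, os.O_CREAT | os.O_WRONLY | os.O_TRUNC, 0600)` and, where the platform provides it, call `os.fchmod(fp.fileno(), 0600)` before `fp.write(...)`. A short comment such as `# create with 0600 up front so the password is never briefly world-readable` would record why the open-then-chmod sequence was replaced.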


@ -1,21 +0,0 @@
--- configure.in
+++ configure.in
@@ -293,6 +293,7 @@
MACHDEP="$ac_md_system$ac_md_release"
case $MACHDEP in
+ linux*) MACHDEP="linux2";;
cygwin*) MACHDEP="cygwin";;
darwin*) MACHDEP="darwin";;
atheos*) MACHDEP="atheos";;
--- Misc/NEWS
+++ Misc/NEWS
@@ -1,6 +1,8 @@
Python News
+++++++++++
+- Issue #12326: sys.platform is now always 'linux2' on Linux, even if Python
+ is compiled on Linux 3.
What's New in Python 2.7.2?
===========================


@ -1,8 +1,8 @@
Index: Python/sysmodule.c
===================================================================
--- Python/sysmodule.c.orig
+++ Python/sysmodule.c
@@ -1671,7 +1671,20 @@ PySys_SetArgvEx(int argc, char **argv, i
--- Python/sysmodule.c.orig 2012-03-28 20:13:00.000000000 +0200
+++ Python/sysmodule.c 2012-03-28 20:13:00.000000000 +0200
@@ -1620,7 +1620,20 @@
char *p = NULL;
Py_ssize_t n = 0;
PyObject *a;
@ -24,7 +24,7 @@ Index: Python/sysmodule.c
char link[MAXPATHLEN+1];
char argv0copy[2*MAXPATHLEN+1];
int nr = 0;
@@ -1698,7 +1711,8 @@ PySys_SetArgvEx(int argc, char **argv, i
@@ -1647,7 +1660,8 @@
}
}
}
@ -34,7 +34,7 @@ Index: Python/sysmodule.c
#if SEP == '\\' /* Special case for MS filename syntax */
if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) {
char *q;
@@ -1727,11 +1741,6 @@ PySys_SetArgvEx(int argc, char **argv, i
@@ -1676,11 +1690,6 @@
}
#else /* All other filename syntaxes */
if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) {
@ -46,7 +46,7 @@ Index: Python/sysmodule.c
p = strrchr(argv0, SEP);
}
if (p != NULL) {
@@ -1749,6 +1758,9 @@ PySys_SetArgvEx(int argc, char **argv, i
@@ -1698,6 +1707,9 @@
a = PyString_FromStringAndSize(argv0, n);
if (a == NULL)
Py_FatalError("no mem for sys.path insertion");
@ -58,9 +58,9 @@ Index: Python/sysmodule.c
Py_DECREF(a);
Index: configure.in
===================================================================
--- configure.in.orig
+++ configure.in
@@ -2728,7 +2728,7 @@ AC_CHECK_FUNCS(alarm setitimer getitimer
--- configure.in.orig 2012-03-28 20:13:00.000000000 +0200
+++ configure.in 2012-03-28 20:13:00.000000000 +0200
@@ -2761,7 +2761,7 @@
getpriority getresuid getresgid getpwent getspnam getspent getsid getwd \
initgroups kill killpg lchmod lchown lstat mkfifo mknod mktime \
mremap nice pathconf pause plock poll pthread_init \
@ -71,10 +71,10 @@ Index: configure.in
setlocale setregid setreuid setsid setpgid setpgrp setuid setvbuf snprintf \
Index: pyconfig.h.in
===================================================================
--- pyconfig.h.in.orig
+++ pyconfig.h.in
@@ -97,6 +97,9 @@
/* Define to 1 if you have the `chflags' function. */
--- pyconfig.h.in.orig 2012-03-16 02:26:39.000000000 +0100
+++ pyconfig.h.in 2012-03-28 20:13:00.000000000 +0200
@@ -106,6 +106,9 @@
/* Define to 1 if you have the 'chflags' function. */
#undef HAVE_CHFLAGS
+/* Define to 1 if you have the `canonicalize_file_name' function. */


@ -1,6 +1,8 @@
--- configure.in
+++ configure.in
@@ -629,6 +629,41 @@
Index: configure.in
===================================================================
--- configure.in.orig 2012-03-16 02:26:39.000000000 +0100
+++ configure.in 2012-03-28 20:09:13.000000000 +0200
@@ -630,6 +630,41 @@
;;
esac
@ -42,8 +44,10 @@
AC_SUBST(LIBRARY)
AC_MSG_CHECKING(LIBRARY)
--- Include/pythonrun.h
+++ Include/pythonrun.h
Index: Include/pythonrun.h
===================================================================
--- Include/pythonrun.h.orig 2012-03-16 02:26:31.000000000 +0100
+++ Include/pythonrun.h 2012-03-28 20:09:13.000000000 +0200
@@ -108,6 +108,8 @@
/* In their own files */
PyAPI_FUNC(const char *) Py_GetVersion(void);
@ -53,8 +57,10 @@
PyAPI_FUNC(const char *) Py_GetCopyright(void);
PyAPI_FUNC(const char *) Py_GetCompiler(void);
PyAPI_FUNC(const char *) Py_GetBuildInfo(void);
--- Lib/distutils/command/install.py
+++ Lib/distutils/command/install.py
Index: Lib/distutils/command/install.py
===================================================================
--- Lib/distutils/command/install.py.orig 2012-03-28 20:09:11.000000000 +0200
+++ Lib/distutils/command/install.py 2012-03-28 20:09:13.000000000 +0200
@@ -22,6 +22,8 @@
from site import USER_SITE
@ -73,8 +79,10 @@
'headers': '$base/include/python$py_version_short/$dist_name',
'scripts': '$base/bin',
'data' : '$base',
--- Lib/distutils/sysconfig.py
+++ Lib/distutils/sysconfig.py
Index: Lib/distutils/sysconfig.py
===================================================================
--- Lib/distutils/sysconfig.py.orig 2012-03-16 02:26:31.000000000 +0100
+++ Lib/distutils/sysconfig.py 2012-03-28 20:09:13.000000000 +0200
@@ -114,8 +114,11 @@
prefix = plat_specific and EXEC_PREFIX or PREFIX
@ -89,8 +97,10 @@
if standard_lib:
return libpython
else:
--- Lib/pydoc.py
+++ Lib/pydoc.py
Index: Lib/pydoc.py
===================================================================
--- Lib/pydoc.py.orig 2012-03-16 02:26:33.000000000 +0100
+++ Lib/pydoc.py 2012-03-28 20:09:13.000000000 +0200
@@ -352,7 +352,7 @@
docloc = os.environ.get("PYTHONDOCS",
@ -100,8 +110,10 @@
"python"+sys.version[0:3])
if (isinstance(object, type(os)) and
(object.__name__ in ('errno', 'exceptions', 'gc', 'imp',
--- Lib/site.py
+++ Lib/site.py
Index: Lib/site.py
===================================================================
--- Lib/site.py.orig 2012-03-16 02:26:33.000000000 +0100
+++ Lib/site.py 2012-03-28 20:09:13.000000000 +0200
@@ -300,13 +300,18 @@
if sys.platform in ('os2emx', 'riscos'):
sitepackages.append(os.path.join(prefix, "Lib", "site-packages"))
@ -124,8 +136,10 @@
if sys.platform == "darwin":
# for framework builds *only* we add the standard Apple
# locations.
--- Lib/sysconfig.py
+++ Lib/sysconfig.py
Index: Lib/sysconfig.py
===================================================================
--- Lib/sysconfig.py.orig 2012-03-16 02:26:33.000000000 +0100
+++ Lib/sysconfig.py 2012-03-28 20:09:13.000000000 +0200
@@ -7,10 +7,10 @@
_INSTALL_SCHEMES = {
@ -154,8 +168,10 @@
'include': '{userbase}/include/python{py_version_short}',
'scripts': '{userbase}/bin',
'data' : '{userbase}',
--- Lib/test/test_dl.py
+++ Lib/test/test_dl.py
Index: Lib/test/test_dl.py
===================================================================
--- Lib/test/test_dl.py.orig 2012-03-16 02:26:34.000000000 +0100
+++ Lib/test/test_dl.py 2012-03-28 20:09:13.000000000 +0200
@@ -5,10 +5,11 @@
import unittest
from test.test_support import verbose, import_module
@ -170,12 +186,14 @@
('/usr/bin/cygwin1.dll', 'getpid'),
('/usr/lib/libc.dylib', 'getpid'),
]
--- Lib/test/test_site.py
+++ Lib/test/test_site.py
@@ -227,12 +227,16 @@
wanted = os.path.join('xoxo', 'Lib', 'site-packages')
self.assertEqual(dirs[0], wanted)
Index: Lib/test/test_site.py
===================================================================
--- Lib/test/test_site.py.orig 2012-03-16 02:26:34.000000000 +0100
+++ Lib/test/test_site.py 2012-03-28 20:11:10.000000000 +0200
@@ -241,12 +241,16 @@
self.assertEqual(dirs[2], wanted)
elif os.sep == '/':
# OS X non-framwework builds, Linux, FreeBSD, etc
- self.assertEqual(len(dirs), 2)
wanted = os.path.join('xoxo', 'lib', 'python' + sys.version[:3],
'site-packages')
@ -190,11 +208,13 @@
+ wanted = os.path.join('xoxo', sys.lib, 'site-python')
+ self.assertTrue(wanted in dirs)
else:
# other platforms
self.assertEqual(len(dirs), 2)
self.assertEqual(dirs[0], 'xoxo')
--- Lib/trace.py
+++ Lib/trace.py
@@ -762,10 +762,10 @@
Index: Lib/trace.py
===================================================================
--- Lib/trace.py.orig 2012-03-16 02:26:34.000000000 +0100
+++ Lib/trace.py 2012-03-28 20:09:13.000000000 +0200
@@ -754,10 +754,10 @@
# should I also call expanduser? (after all, could use $HOME)
s = s.replace("$prefix",
@ -207,8 +227,10 @@
"python" + sys.version[:3]))
s = os.path.normpath(s)
ignore_dirs.append(s)
--- Makefile.pre.in
+++ Makefile.pre.in
Index: Makefile.pre.in
===================================================================
--- Makefile.pre.in.orig 2012-03-28 20:09:11.000000000 +0200
+++ Makefile.pre.in 2012-03-28 20:09:13.000000000 +0200
@@ -81,6 +81,8 @@
# Machine-dependent subdirectories
@ -218,7 +240,7 @@
# Install prefix for architecture-independent files
prefix= @prefix@
@@ -532,6 +534,7 @@
@@ -533,6 +535,7 @@
-DEXEC_PREFIX='"$(exec_prefix)"' \
-DVERSION='"$(VERSION)"' \
-DVPATH='"$(VPATH)"' \
@ -226,7 +248,7 @@
-o $@ $(srcdir)/Modules/getpath.c
Modules/python.o: $(srcdir)/Modules/python.c
@@ -566,7 +569,7 @@
@@ -567,7 +570,7 @@
Python/compile.o Python/symtable.o Python/ast.o: $(GRAMMAR_H) $(AST_H)
Python/getplatform.o: $(srcdir)/Python/getplatform.c
@ -235,8 +257,10 @@
Python/importdl.o: $(srcdir)/Python/importdl.c
$(CC) -c $(PY_CFLAGS) -I$(DLINCLDIR) -o $@ $(srcdir)/Python/importdl.c
--- Modules/getpath.c
+++ Modules/getpath.c
Index: Modules/getpath.c
===================================================================
--- Modules/getpath.c.orig 2012-03-16 02:26:37.000000000 +0100
+++ Modules/getpath.c 2012-03-28 20:09:13.000000000 +0200
@@ -116,9 +116,11 @@
#define EXEC_PREFIX PREFIX
#endif
@ -260,8 +284,10 @@
static void
reduce(char *dir)
--- Python/getplatform.c
+++ Python/getplatform.c
Index: Python/getplatform.c
===================================================================
--- Python/getplatform.c.orig 2012-03-16 02:26:38.000000000 +0100
+++ Python/getplatform.c 2012-03-28 20:09:13.000000000 +0200
@@ -10,3 +10,23 @@
{
return PLATFORM;
@ -286,9 +312,11 @@
+{
+ return LIB;
+}
--- Python/sysmodule.c
+++ Python/sysmodule.c
@@ -1416,6 +1416,10 @@
Index: Python/sysmodule.c
===================================================================
--- Python/sysmodule.c.orig 2012-03-16 02:26:39.000000000 +0100
+++ Python/sysmodule.c 2012-03-28 20:09:13.000000000 +0200
@@ -1419,6 +1419,10 @@
PyString_FromString(Py_GetCopyright()));
SET_SYS_FROM_STRING("platform",
PyString_FromString(Py_GetPlatform()));
@ -299,8 +327,10 @@
SET_SYS_FROM_STRING("executable",
PyString_FromString(Py_GetProgramFullPath()));
SET_SYS_FROM_STRING("prefix",
--- setup.py
+++ setup.py
Index: setup.py
===================================================================
--- setup.py.orig 2012-03-16 02:26:39.000000000 +0100
+++ setup.py 2012-03-28 20:09:13.000000000 +0200
@@ -369,7 +369,7 @@
def detect_modules(self):


@ -1,3 +1,14 @@
-------------------------------------------------------------------
Wed Mar 28 18:19:18 UTC 2012 - jmatejek@suse.com
- update to 2.7.3rc2
* fixes several security issues:
* CVE-2012-0845, bnc#747125
* CVE-2012-1150, bnc#751718
* CVE-2011-4944, bnc#754447
* CVE-2011-3389
- fix for insecure .pypirc (CVE-2011-4944, bnc#754447)
-------------------------------------------------------------------
Thu Feb 16 12:33:44 UTC 2012 - dvaleev@suse.com


@ -18,13 +18,14 @@
Name: python-base
Version: 2.7.2
Version: 2.7.2.99rc2
Release: 0
License: Python-2.0
Summary: Python Interpreter base package
Url: http://www.python.org/
Group: Development/Languages/Python
%define tarversion %{version}
#%%define tarversion %{version}
%define tarversion 2.7.3rc2
%define tarname Python-%{tarversion}
Source0: %{tarname}.tar.bz2
Source1: macros.python
@ -35,19 +36,18 @@ Source5: _local.pth
# COMMON-PATCH-BEGIN
Patch1: python-2.7-dirs.patch
Patch2: python-distutils-rpm-8.patch
Patch3: python-2.7.2-multilib.patch
Patch3: python-2.7.3rc2-multilib.patch
Patch4: python-2.5.1-sqlite.patch
Patch5: python-2.7rc2-canonicalize2.patch
Patch5: python-2.7.3rc2-canonicalize2.patch
Patch6: python-2.7rc2-configure.patch
Patch7: python-2.6-gettext-plurals.patch
Patch8: python-2.6b3-curses-panel.patch
Patch9: python-2.7.1-distutils_test_path.patch
Patch10: sparc_longdouble.patch
Patch11: python-2.7.2-linux3.patch
Patch12: http://psf.upfronthosting.co.za/roundup/tracker/file19029/python-test_structmembers.patch
Patch13: python-2.7.2-fix_date_time_compiler.patch
Patch14: python-2.7.1-urllib-noproxy.patch
Patch15: python-2.7.2-disable-tests-in-test_io.patch
Patch16: pypirc-secure.diff
# COMMON-PATCH-END
%define python_version %(echo %{tarversion} | head -c 3)
BuildRequires: automake
@ -125,15 +125,13 @@ other applications.
%patch8
%patch9 -p1
%patch10 -p1
%patch11
%patch12
%patch13
%patch14 -p1
#skip test_io test for ppc,ppc64 as it broken.
%ifarch ppc ppc64
%patch15 -p1
%endif
%patch16 -p1
# COMMON-PREP-END
# drop Autoconf version requirement


@ -24,8 +24,9 @@ License: Python-2.0
Summary: Additional Package Documentation for Python
Url: http://www.python.org/
Group: Development/Languages/Python
%define pyver 2.7.2
%define tarname Python-%{pyver}
%define pyver 2.7.2.99rc2
#%%define tarname Python-%{pyver}
%define tarname Python-2.7.3rc2
Source0: %{tarname}.tar.bz2
Source1: python-%{version}-docs-html.tar.bz2
Source2: python-%{version}-docs-pdf-a4.tar.bz2


@ -16,13 +16,14 @@
#
Name: python
Version: 2.7.2
Version: 2.7.2.99rc2
Release: 0
License: Python-2.0
Summary: Python Interpreter
Url: http://www.python.org/
Group: Development/Languages/Python
%define tarversion %{version}
#%%define tarversion %{version}
%define tarversion 2.7.3rc2
%define tarname Python-%{tarversion}
Source0: %{tarname}.tar.bz2
Source1: README.SUSE
@ -39,19 +40,18 @@ Source4: python.csh
# COMMON-PATCH-BEGIN
Patch1: python-2.7-dirs.patch
Patch2: python-distutils-rpm-8.patch
Patch3: python-2.7.2-multilib.patch
Patch3: python-2.7.3rc2-multilib.patch
Patch4: python-2.5.1-sqlite.patch
Patch5: python-2.7rc2-canonicalize2.patch
Patch5: python-2.7.3rc2-canonicalize2.patch
Patch6: python-2.7rc2-configure.patch
Patch7: python-2.6-gettext-plurals.patch
Patch8: python-2.6b3-curses-panel.patch
Patch9: python-2.7.1-distutils_test_path.patch
Patch10: sparc_longdouble.patch
Patch11: python-2.7.2-linux3.patch
Patch12: http://psf.upfronthosting.co.za/roundup/tracker/file19029/python-test_structmembers.patch
Patch13: python-2.7.2-fix_date_time_compiler.patch
Patch14: python-2.7.1-urllib-noproxy.patch
Patch15: python-2.7.2-disable-tests-in-test_io.patch
Patch16: pypirc-secure.diff
# COMMON-PATCH-END
BuildRequires: automake
BuildRequires: db-devel
@ -165,15 +165,13 @@ implementation of the standard Unix DBM databases.
%patch8
%patch9 -p1
%patch10 -p1
%patch11
%patch12
%patch13
%patch14 -p1
#skip test_io test for ppc,ppc64 as it broken.
%ifarch ppc ppc64
%patch15 -p1
%endif
%patch16 -p1
# COMMON-PREP-END
# drop Autoconf version requirement