[python/f16] 2.7.3-3: add explicit version requirements on expat
dmalcolm
dmalcolm at fedoraproject.org
Thu Apr 19 18:24:37 UTC 2012
commit 79e6c0ac729e2702ecce8a7d5dac17c90fc3b155
Author: David Malcolm <dmalcolm at redhat.com>
Date: Thu Apr 19 14:23:22 2012 -0400
2.7.3-3: add explicit version requirements on expat
* Thu Apr 19 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-3
- add explicit version requirements on expat to avoid linkage problems with
XML_SetHashSalt
python.spec | 18 ++++++++++++++++--
1 files changed, 16 insertions(+), 2 deletions(-)
---
diff --git a/python.spec b/python.spec
index 51dd6f8..e4419e8 100644
--- a/python.spec
+++ b/python.spec
@@ -102,7 +102,7 @@ Summary: An interpreted, interactive, object-oriented programming language
Name: %{python}
# Remember to also rebase python-docs when changing this:
Version: 2.7.3
-Release: 2%{?dist}
+Release: 3%{?dist}
License: Python
Group: Development/Languages
Requires: %{python}-libs%{?_isa} = %{version}-%{release}
@@ -120,7 +120,11 @@ BuildRequires: autoconf
BuildRequires: bzip2
BuildRequires: bzip2-devel
BuildRequires: db4-devel >= 4.8
-BuildRequires: expat-devel
+
+# expat 2.1.0 added the symbol XML_SetHashSalt without bumping SONAME. We use
+# it (in pyexpat) in order to enable the fix in Python-2.7.3 for CVE-2012-0876:
+BuildRequires: expat-devel >= 2.1.0
+
BuildRequires: findutils
BuildRequires: gcc-c++
BuildRequires: gdbm-devel
@@ -559,6 +563,12 @@ Group: Applications/System
# Needed for ctypes, to load libraries, worked around for Live CDs size
# Requires: binutils
+# expat 2.1.0 added the symbol XML_SetHashSalt without bumping SONAME. We use
+# this symbol (in pyexpat), so we must explicitly state this dependency to
+# prevent "import pyexpat" from failing with a linker error if someone hasn't
+# yet upgraded expat:
+Requires: expat >= 2.1.0
+
%description libs
This package contains runtime libraries for use by Python:
- the libpython dynamic library, for use by applications that embed Python as
@@ -1804,6 +1814,10 @@ rm -fr %{buildroot}
# ======================================================
%changelog
+* Thu Apr 19 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-3
+- add explicit version requirements on expat to avoid linkage problems with
+XML_SetHashSalt
+
* Wed Apr 18 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-2
- fix -config symlinks (patch 112; rhbz#813836)
More information about the scm-commits
mailing list