[python/f19] Sync back/renumber patches to stay consistent with rhel.
Bohuslav Kabrda
bkabrda at fedoraproject.org
Mon Aug 26 07:37:37 UTC 2013
commit a9f6e899c8c1de12872cc226d440ffaaf5eb6f1d
Author: Bohuslav Kabrda <bkabrda at redhat.com>
Date: Mon Aug 26 09:37:19 2013 +0200
Sync back/renumber patches to stay consistent with rhel.
00185-urllib2-honors-noproxy-for-ftp.patch | 12 ++++
00186-memory-leak-marshalc.patch | 57 ++++++++++++++++++++
00187-add-RPATH-to-pyexpat.patch | 25 +++++++++
...-4238-hostname-check-bypass-in-SSL-module.patch | 0
python.spec | 29 +++++++++-
5 files changed, 120 insertions(+), 3 deletions(-)
---
diff --git a/00185-urllib2-honors-noproxy-for-ftp.patch b/00185-urllib2-honors-noproxy-for-ftp.patch
new file mode 100644
index 0000000..b26c4d4
--- /dev/null
+++ b/00185-urllib2-honors-noproxy-for-ftp.patch
@@ -0,0 +1,12 @@
+diff -up Python-2.7.5/Lib/urllib2.py.orig Python-2.7.5/Lib/urllib2.py
+--- Python-2.7.5/Lib/urllib2.py.orig 2013-07-17 12:22:58.595525622 +0200
++++ Python-2.7.5/Lib/urllib2.py 2013-07-17 12:19:59.875898030 +0200
+@@ -728,6 +728,8 @@ class ProxyHandler(BaseHandler):
+ if proxy_type is None:
+ proxy_type = orig_type
+
++ req.get_host()
++
+ if req.host and proxy_bypass(req.host):
+ return None
+
diff --git a/00186-memory-leak-marshalc.patch b/00186-memory-leak-marshalc.patch
new file mode 100644
index 0000000..19fb175
--- /dev/null
+++ b/00186-memory-leak-marshalc.patch
@@ -0,0 +1,57 @@
+--- Python-2.7.5/Python/marshal.c 2013-05-12 05:32:53.000000000 +0200
++++ /home/rkuska/hg/cpython/Python/marshal.c 2013-07-18 10:33:26.392486235 +0200
+@@ -88,7 +88,7 @@
+ }
+
+ static void
+-w_string(char *s, Py_ssize_t n, WFILE *p)
++w_string(const char *s, Py_ssize_t n, WFILE *p)
+ {
+ if (p->fp != NULL) {
+ fwrite(s, 1, n, p->fp);
+@@ -141,6 +141,13 @@
+ # define W_SIZE w_long
+ #endif
+
++static void
++w_pstring(const char *s, Py_ssize_t n, WFILE *p)
++{
++ W_SIZE(n, p);
++ w_string(s, n, p);
++}
++
+ /* We assume that Python longs are stored internally in base some power of
+ 2**15; for the sake of portability we'll always read and write them in base
+ exactly 2**15. */
+@@ -338,9 +345,7 @@
+ else {
+ w_byte(TYPE_STRING, p);
+ }
+- n = PyString_GET_SIZE(v);
+- W_SIZE(n, p);
+- w_string(PyString_AS_STRING(v), n, p);
++ w_pstring(PyBytes_AS_STRING(v), PyString_GET_SIZE(v), p);
+ }
+ #ifdef Py_USING_UNICODE
+ else if (PyUnicode_CheckExact(v)) {
+@@ -352,9 +357,7 @@
+ return;
+ }
+ w_byte(TYPE_UNICODE, p);
+- n = PyString_GET_SIZE(utf8);
+- W_SIZE(n, p);
+- w_string(PyString_AS_STRING(utf8), n, p);
++ w_pstring(PyString_AS_STRING(utf8), PyString_GET_SIZE(utf8), p);
+ Py_DECREF(utf8);
+ }
+ #endif
+@@ -441,8 +444,7 @@
+ PyBufferProcs *pb = v->ob_type->tp_as_buffer;
+ w_byte(TYPE_STRING, p);
+ n = (*pb->bf_getreadbuffer)(v, 0, (void **)&s);
+- W_SIZE(n, p);
+- w_string(s, n, p);
++ w_pstring(s, n, p);
+ }
+ else {
+ w_byte(TYPE_UNKNOWN, p);
diff --git a/00187-add-RPATH-to-pyexpat.patch b/00187-add-RPATH-to-pyexpat.patch
new file mode 100644
index 0000000..0ac5227
--- /dev/null
+++ b/00187-add-RPATH-to-pyexpat.patch
@@ -0,0 +1,25 @@
+diff -r e8b8279ca118 setup.py
+--- a/setup.py Sun Jul 21 21:57:52 2013 -0400
++++ b/setup.py Tue Aug 20 09:45:31 2013 +0200
+@@ -1480,12 +1480,21 @@
+ 'expat/xmltok_impl.h'
+ ]
+
++ # Add an explicit RPATH to pyexpat.so pointing at the directory
++ # containing the system expat (which has the extra XML_SetHashSalt
++ # symbol), to avoid an ImportError with a link error if there's an
++ # LD_LIBRARY_PATH containing a "vanilla" build of expat (without the
++ # symbol) (rhbz#833271):
++ EXPAT_RPATH = '/usr/lib64' if sys.maxint == 0x7fffffffffffffff else '/usr/lib'
++
++
+ exts.append(Extension('pyexpat',
+ define_macros = define_macros,
+ include_dirs = expat_inc,
+ libraries = expat_lib,
+ sources = ['pyexpat.c'] + expat_sources,
+ depends = expat_depends,
++ extra_link_args = ['-Wl,-rpath,%s' % EXPAT_RPATH]
+ ))
+
+ # Fredrik Lundh's cElementTree module. Note that this also
diff --git a/00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch b/00188-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
similarity index 100%
rename from 00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
rename to 00188-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
diff --git a/python.spec b/python.spec
index 441eb3a..75d4b9a 100644
--- a/python.spec
+++ b/python.spec
@@ -106,7 +106,7 @@ Summary: An interpreted, interactive, object-oriented programming language
Name: %{python}
# Remember to also rebase python-docs when changing this:
Version: 2.7.5
-Release: 4%{?dist}
+Release: 5%{?dist}
License: Python
Group: Development/Languages
Requires: %{python}-libs%{?_isa} = %{version}-%{release}
@@ -823,11 +823,28 @@ Patch181: 00181-allow-arbitrary-timeout-in-condition-wait.patch
Patch184: 00184-ctypes-should-build-with-libffi-multilib-wrapper.patch
# 00185 #
+# Makes urllib2 honor "no_proxy" enviroment variable for "ftp:" URLs
+# when ftp_proxy is set
+Patch185: 00185-urllib2-honors-noproxy-for-ftp.patch
+
+# 00186 #
+# Fix memory leak of variable utf8 in marshal.c
+Patch186: 00186-memory-leak-marshalc.patch
+
+# 00187 #
+# Add an explicit RPATH to pyexpat.so pointing at the directory
+# containing the system expat (which has the extra XML_SetHashSalt
+# symbol), to avoid an ImportError with a link error if there's an
+# LD_LIBRARY_PATH containing a "vanilla" build of expat (without the
+# symbol)
+Patch187: 00187-add-RPATH-to-pyexpat.patch
+
+# 00188 #
# Fix for CVE-2013-4238 --
-# SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238)
+# SSL module fails to handle NULL bytes inside subjectAltNames general names
# http://bugs.python.org/issue18709
# rhbz#998430
-Patch185: 00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
+Patch188: 00188-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
# (New patches go here ^^^)
#
@@ -1181,6 +1198,9 @@ mv Modules/cryptmodule.c Modules/_cryptmodule.c
# 00183: not for python 2
%patch184 -p1
%patch185 -p1
+%patch186 -p1
+%patch187 -p1
+%patch188 -p1
# This shouldn't be necesarry, but is right now (2.2a3)
@@ -2010,6 +2030,9 @@ rm -fr %{buildroot}
# ======================================================
%changelog
+* Mon Aug 26 2013 Bohuslav Kabrda <bkabrda at redhat.com> - 2.7.5-5
+- Sync back/renumber patches to stay consistent with rhel.
+
* Mon Aug 19 2013 Matej Stuchlik <mstuchli at redhat.com> - 2.7.5-4
- Added fix for CVE-2013-4238 (rhbz#998430)
More information about the scm-commits
mailing list