ports/opt (2.4): [nofify] python: update for multiple vulnerabilities
commit c5df120f5a4745fae190db8157e5e9b6f19e137c Author: Juergen Daubert <jue@jue.li> Date: Thu Aug 7 10:14:56 2008 +0200 [nofify] python: update for multiple vulnerabilities See http://lwn.net/Vulnerabilities/292410/ for an overview of the issue. Thanks to Jonathan Schleifer for the notification. Patches shameless stolen from gentoo. diff --git a/python/.md5sum b/python/.md5sum index c6abbac..e75eab2 100644 --- a/python/.md5sum +++ b/python/.md5sum @@ -1,2 +1,6 @@ +12d1a9953f105464b1f673b6566f739c CVE-2008-2315.patch.gz +810695c756477ea6d407dc1ac4dc8c75 CVE-2008-2316.patch.gz +3984d29be539e2b98828a55c432fc318 CVE-2008-3142.patch.gz +7c4bcfb76a6994aa373aef12c234958e CVE-2008-3144.patch.gz afb5451049eda91fbde10bd5a4b7fadc Python-2.5.2.tar.bz2 6d78d63802ecace8bbe50353862b92cf python-2.5.2.patch diff --git a/python/CVE-2008-2315.patch.gz b/python/CVE-2008-2315.patch.gz new file mode 100644 index 0000000..dd0e10e Binary files /dev/null and b/python/CVE-2008-2315.patch.gz differ diff --git a/python/CVE-2008-2316.patch.gz b/python/CVE-2008-2316.patch.gz new file mode 100644 index 0000000..5ef9bc2 Binary files /dev/null and b/python/CVE-2008-2316.patch.gz differ diff --git a/python/CVE-2008-3142.patch.gz b/python/CVE-2008-3142.patch.gz new file mode 100644 index 0000000..72871a0 Binary files /dev/null and b/python/CVE-2008-3142.patch.gz differ diff --git a/python/CVE-2008-3144.patch.gz b/python/CVE-2008-3144.patch.gz new file mode 100644 index 0000000..524435e Binary files /dev/null and b/python/CVE-2008-3144.patch.gz differ diff --git a/python/Pkgfile b/python/Pkgfile index a89704e..2f07a1f 100644 --- a/python/Pkgfile +++ b/python/Pkgfile @@ -1,18 +1,20 @@ # Description: Python interpreter, version 2.5 # URL: http://www.python.org # Maintainer: Juergen Daubert, juergen dot daubert at t-online dot de -# Depends on: db, gdbm, ncurses, openssl, readline, zlib +# Depends on: db gdbm ncurses openssl readline bzip2 zlib name=python version=2.5.2 -release=2 +release=3 source=(http://www.python.org/ftp/$name/$version/Python-$version.tar.bz2 \ - $name-$version.patch) + $name-$version.patch CVE-2008-{2315,2316,3142,3144}.patch.gz) build () { cd Python-$version patch -p1 -i $SRC/$name-$version.patch + gunzip -c $SRC/CVE*.patch.gz | patch -p1 + ./configure --prefix=/usr \ --mandir=/usr/man \ --enable-shared \
participants (1)
-
crux@crux.nu