ports/opt (3.3): [notify] python: update to 2.7.15, closes FS#1655

crux at crux.nu crux at crux.nu
Sat May 5 13:15:56 UTC 2018


commit f7e71aa7eb2ec6c091397a3bfc9d4d0d749d2b0a
Author: Juergen Daubert <jue at jue.li>
Date:   Sat May 5 15:14:09 2018 +0200

    [notify] python: update to 2.7.15, closes FS#1655
    
    several security fixes, see
    https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7.15rc1.rst

diff --git a/python/.footprint b/python/.footprint
index bb48ad2c5..83c9aa625 100644
--- a/python/.footprint
+++ b/python/.footprint
@@ -1036,8 +1036,8 @@ drwxr-xr-x	root/root	usr/lib/python2.7/ensurepip/
 -rw-r--r--	root/root	usr/lib/python2.7/ensurepip/__main__.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/ensurepip/__main__.pyo
 drwxr-xr-x	root/root	usr/lib/python2.7/ensurepip/_bundled/
--rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl
--rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl
+-rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl
+-rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl
 -rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_uninstall.py
 -rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_uninstall.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/ensurepip/_uninstall.pyo
@@ -1440,7 +1440,7 @@ drwxr-xr-x	root/root	usr/lib/python2.7/json/
 -rw-r--r--	root/root	usr/lib/python2.7/keyword.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/keyword.pyo
 drwxr-xr-x	root/root	usr/lib/python2.7/lib-dynload/
--rw-r--r--	root/root	usr/lib/python2.7/lib-dynload/Python-2.7.14-py2.7.egg-info
+-rw-r--r--	root/root	usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info
 -rwxr-xr-x	root/root	usr/lib/python2.7/lib-dynload/_bisect.so
 -rwxr-xr-x	root/root	usr/lib/python2.7/lib-dynload/_bsddb.so
 -rwxr-xr-x	root/root	usr/lib/python2.7/lib-dynload/_codecs_cn.so
@@ -1614,9 +1614,9 @@ drwxr-xr-x	root/root	usr/lib/python2.7/lib-tk/test/test_ttk/
 -rw-r--r--	root/root	usr/lib/python2.7/lib-tk/turtle.pyo
 drwxr-xr-x	root/root	usr/lib/python2.7/lib2to3/
 -rw-r--r--	root/root	usr/lib/python2.7/lib2to3/Grammar.txt
--rw-r--r--	root/root	usr/lib/python2.7/lib2to3/Grammar2.7.14.final.0.pickle
+-rw-r--r--	root/root	usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle
 -rw-r--r--	root/root	usr/lib/python2.7/lib2to3/PatternGrammar.txt
--rw-r--r--	root/root	usr/lib/python2.7/lib2to3/PatternGrammar2.7.14.final.0.pickle
+-rw-r--r--	root/root	usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle
 -rw-r--r--	root/root	usr/lib/python2.7/lib2to3/__init__.py
 -rw-r--r--	root/root	usr/lib/python2.7/lib2to3/__init__.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/lib2to3/__init__.pyo
@@ -2540,7 +2540,6 @@ drwxr-xr-x	root/root	usr/lib/python2.7/test/imghdrdata/
 -rw-r--r--	root/root	usr/lib/python2.7/test/seq_tests.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/test/seq_tests.pyo
 -rw-r--r--	root/root	usr/lib/python2.7/test/sgml_input.html
--rw-r--r--	root/root	usr/lib/python2.7/test/sha256.pem
 -rw-r--r--	root/root	usr/lib/python2.7/test/sortperf.py
 -rw-r--r--	root/root	usr/lib/python2.7/test/sortperf.pyc
 -rw-r--r--	root/root	usr/lib/python2.7/test/sortperf.pyo
@@ -3828,6 +3827,7 @@ drwxr-xr-x	root/root	usr/lib/python2.7/test/tracedmodules/
 -rw-r--r--	root/root	usr/lib/python2.7/test/win_console_handler.pyo
 -rw-r--r--	root/root	usr/lib/python2.7/test/wrongcert.pem
 drwxr-xr-x	root/root	usr/lib/python2.7/test/xmltestdata/
+-rw-r--r--	root/root	usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml
 -rw-r--r--	root/root	usr/lib/python2.7/test/xmltestdata/simple-ns.xml
 -rw-r--r--	root/root	usr/lib/python2.7/test/xmltestdata/simple.xml
 -rw-r--r--	root/root	usr/lib/python2.7/test/xmltestdata/test.xml
diff --git a/python/.md5sum b/python/.md5sum
index 2522becf5..ce21c0a0b 100644
--- a/python/.md5sum
+++ b/python/.md5sum
@@ -1,3 +1,2 @@
-ff653e9e002ca0e3d4a828988e52edd3  CVE-2018-1000030.patch
-1f6db41ad91d9eb0a6f0c769b8613c5b  Python-2.7.14.tar.xz
+a80ae3cc478460b922242f43a1b4094d  Python-2.7.15.tar.xz
 387d5f6d00d2be01ecb87216cac0f88c  pyconfig.h
diff --git a/python/.signature b/python/.signature
index 660b6eece..699fd46d7 100644
--- a/python/.signature
+++ b/python/.signature
@@ -1,7 +1,6 @@
 untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/boQipBgLcfxZlqFZR09X30s/Z5MGSa539QoTYA6+7gBtc/kPgMKpF6e8opocX6wAQjcf9trsFzX4XMdoJaRFwY=
-SHA256 (Pkgfile) = 68fdadc03201267d440d69f8cd2e02a028887cf0b274d02ca17c52095aa8c663
-SHA256 (.footprint) = cad0b763c2deaad518b7c81ea32fbbe025df03c1548002336ef818ca9f4cf7ce
-SHA256 (Python-2.7.14.tar.xz) = 71ffb26e09e78650e424929b2b457b9c912ac216576e6bd9e7d204ed03296a66
-SHA256 (CVE-2018-1000030.patch) = f7ff89ad24d529532b4dfa6bd601d8f7368c3ae3950dae539ecc11e5e09b3ecb
+RWSE3ohX2g5d/QL9azCD8wrAyLYz7OIZz45ib254f7ONHFsMdZTkv/eshI8AxHtmbP0Nr59Mwf0D7Rm+UB866dHroOwADn7Vmgw=
+SHA256 (Pkgfile) = cd669df4f421b7406cbca94fb69daf8128bdd018e2039c4ecec8724da3f709ea
+SHA256 (.footprint) = 31c574d370b644955bc7d95e69f2b234ac56ecb5b4934bdeb27f99637137fcb9
+SHA256 (Python-2.7.15.tar.xz) = 22d9b1ac5b26135ad2b8c2901a9413537e08749a753356ee913c84dbd2df5574
 SHA256 (pyconfig.h) = 081426cb9524c2e156a71bb035c25a67e44d389afc6f7e091bcf86a7f4e2002f
diff --git a/python/CVE-2018-1000030.patch b/python/CVE-2018-1000030.patch
deleted file mode 100644
index efec47684..000000000
--- a/python/CVE-2018-1000030.patch
+++ /dev/null
@@ -1,258 +0,0 @@
---- a/Lib/test/test_file2k.py	2018-02-16 17:49:45.180147747 -0500
-+++ b/Lib/test/test_file2k.py	2018-02-16 17:51:06.870149602 -0500
-@@ -652,6 +652,33 @@ class FileThreadingTests(unittest.TestCa
-             self.f.writelines('')
-         self._test_close_open_io(io_func)
- 
-+    def test_iteration_torture(self):
-+        # bpo-31530
-+        with open(self.filename, "wb") as fp:
-+            for i in xrange(2**20):
-+                fp.write(b"0"*50 + b"\n")
-+        with open(self.filename, "rb") as f:
-+            def it():
-+                for l in f:
-+                    pass
-+            self._run_workers(it, 10)
-+
-+    def test_iteration_seek(self):
-+        # bpo-31530: Crash when concurrently seek and iterate over a file.
-+        with open(self.filename, "wb") as fp:
-+            for i in xrange(10000):
-+                fp.write(b"0"*50 + b"\n")
-+        with open(self.filename, "rb") as f:
-+            it = iter([1] + [0]*10)  # one thread reads, others seek
-+            def iterate():
-+                if next(it):
-+                    for l in f:
-+                        pass
-+                else:
-+                    for i in xrange(100):
-+                        f.seek(i*100, 0)
-+            self._run_workers(iterate, 10)
-+
- 
- @unittest.skipUnless(os.name == 'posix', 'test requires a posix system.')
- class TestFileSignalEINTR(unittest.TestCase):
---- a/Objects/fileobject.c	2018-02-16 17:49:45.304147750 -0500
-+++ b/Objects/fileobject.c	2018-02-16 17:51:06.872149603 -0500
-@@ -430,7 +430,7 @@ close_the_file(PyFileObject *f)
-             if (f->ob_refcnt > 0) {
-                 PyErr_SetString(PyExc_IOError,
-                     "close() called during concurrent "
--                    "operation on the same file object.");
-+                    "operation on the same file object");
-             } else {
-                 /* This should not happen unless someone is
-                  * carelessly playing with the PyFileObject
-@@ -438,7 +438,7 @@ close_the_file(PyFileObject *f)
-                  * pointer. */
-                 PyErr_SetString(PyExc_SystemError,
-                     "PyFileObject locking error in "
--                    "destructor (refcnt <= 0 at close).");
-+                    "destructor (refcnt <= 0 at close)");
-             }
-             return NULL;
-         }
-@@ -604,7 +604,12 @@ err_iterbuffered(void)
-     return NULL;
- }
- 
--static void drop_readahead(PyFileObject *);
-+static void
-+drop_file_readahead(PyFileObject *f)
-+{
-+    PyMem_FREE(f->f_buf);
-+    f->f_buf = NULL;
-+}
- 
- /* Methods */
- 
-@@ -627,7 +632,7 @@ file_dealloc(PyFileObject *f)
-     Py_XDECREF(f->f_mode);
-     Py_XDECREF(f->f_encoding);
-     Py_XDECREF(f->f_errors);
--    drop_readahead(f);
-+    drop_file_readahead(f);
-     Py_TYPE(f)->tp_free((PyObject *)f);
- }
- 
-@@ -762,7 +767,7 @@ file_seek(PyFileObject *f, PyObject *arg
- 
-     if (f->f_fp == NULL)
-         return err_closed();
--    drop_readahead(f);
-+    drop_file_readahead(f);
-     whence = 0;
-     if (!PyArg_ParseTuple(args, "O|i:seek", &offobj, &whence))
-         return NULL;
-@@ -2221,12 +2226,16 @@ static PyGetSetDef file_getsetlist[] = {
-     {0},
- };
- 
-+typedef struct {
-+    char *buf, *bufptr, *bufend;
-+} readaheadbuffer;
-+
- static void
--drop_readahead(PyFileObject *f)
-+drop_readaheadbuffer(readaheadbuffer *rab)
- {
--    if (f->f_buf != NULL) {
--        PyMem_Free(f->f_buf);
--        f->f_buf = NULL;
-+    if (rab->buf != NULL) {
-+        PyMem_FREE(rab->buf);
-+        rab->buf = NULL;
-     }
- }
- 
-@@ -2234,35 +2243,34 @@ drop_readahead(PyFileObject *f)
-    (unless at EOF) and no more than bufsize.  Returns negative value on
-    error, will set MemoryError if bufsize bytes cannot be allocated. */
- static int
--readahead(PyFileObject *f, Py_ssize_t bufsize)
-+readahead(PyFileObject *f, readaheadbuffer *rab, Py_ssize_t bufsize)
- {
-     Py_ssize_t chunksize;
- 
--    if (f->f_buf != NULL) {
--        if( (f->f_bufend - f->f_bufptr) >= 1)
-+    if (rab->buf != NULL) {
-+        if ((rab->bufend - rab->bufptr) >= 1)
-             return 0;
-         else
--            drop_readahead(f);
-+            drop_readaheadbuffer(rab);
-     }
--    if ((f->f_buf = (char *)PyMem_Malloc(bufsize)) == NULL) {
-+    if ((rab->buf = PyMem_MALLOC(bufsize)) == NULL) {
-         PyErr_NoMemory();
-         return -1;
-     }
-     FILE_BEGIN_ALLOW_THREADS(f)
-     errno = 0;
--    chunksize = Py_UniversalNewlineFread(
--        f->f_buf, bufsize, f->f_fp, (PyObject *)f);
-+    chunksize = Py_UniversalNewlineFread(rab->buf, bufsize, f->f_fp, (PyObject *)f);
-     FILE_END_ALLOW_THREADS(f)
-     if (chunksize == 0) {
-         if (ferror(f->f_fp)) {
-             PyErr_SetFromErrno(PyExc_IOError);
-             clearerr(f->f_fp);
--            drop_readahead(f);
-+            drop_readaheadbuffer(rab);
-             return -1;
-         }
-     }
--    f->f_bufptr = f->f_buf;
--    f->f_bufend = f->f_buf + chunksize;
-+    rab->bufptr = rab->buf;
-+    rab->bufend = rab->buf + chunksize;
-     return 0;
- }
- 
-@@ -2272,45 +2280,43 @@ readahead(PyFileObject *f, Py_ssize_t bu
-    logarithmic buffer growth to about 50 even when reading a 1gb line. */
- 
- static PyStringObject *
--readahead_get_line_skip(PyFileObject *f, Py_ssize_t skip, Py_ssize_t bufsize)
-+readahead_get_line_skip(PyFileObject *f, readaheadbuffer *rab, Py_ssize_t skip, Py_ssize_t bufsize)
- {
-     PyStringObject* s;
-     char *bufptr;
-     char *buf;
-     Py_ssize_t len;
- 
--    if (f->f_buf == NULL)
--        if (readahead(f, bufsize) < 0)
-+    if (rab->buf == NULL)
-+        if (readahead(f, rab, bufsize) < 0)
-             return NULL;
- 
--    len = f->f_bufend - f->f_bufptr;
-+    len = rab->bufend - rab->bufptr;
-     if (len == 0)
--        return (PyStringObject *)
--            PyString_FromStringAndSize(NULL, skip);
--    bufptr = (char *)memchr(f->f_bufptr, '\n', len);
-+        return (PyStringObject *)PyString_FromStringAndSize(NULL, skip);
-+    bufptr = (char *)memchr(rab->bufptr, '\n', len);
-     if (bufptr != NULL) {
-         bufptr++;                               /* Count the '\n' */
--        len = bufptr - f->f_bufptr;
--        s = (PyStringObject *)
--            PyString_FromStringAndSize(NULL, skip + len);
-+        len = bufptr - rab->bufptr;
-+        s = (PyStringObject *)PyString_FromStringAndSize(NULL, skip + len);
-         if (s == NULL)
-             return NULL;
--        memcpy(PyString_AS_STRING(s) + skip, f->f_bufptr, len);
--        f->f_bufptr = bufptr;
--        if (bufptr == f->f_bufend)
--            drop_readahead(f);
-+        memcpy(PyString_AS_STRING(s) + skip, rab->bufptr, len);
-+        rab->bufptr = bufptr;
-+        if (bufptr == rab->bufend)
-+            drop_readaheadbuffer(rab);
-     } else {
--        bufptr = f->f_bufptr;
--        buf = f->f_buf;
--        f->f_buf = NULL;                /* Force new readahead buffer */
-+        bufptr = rab->bufptr;
-+        buf = rab->buf;
-+        rab->buf = NULL;                /* Force new readahead buffer */
-         assert(len <= PY_SSIZE_T_MAX - skip);
--        s = readahead_get_line_skip(f, skip + len, bufsize + (bufsize>>2));
-+        s = readahead_get_line_skip(f, rab, skip + len, bufsize + (bufsize>>2));
-         if (s == NULL) {
--            PyMem_Free(buf);
-+            PyMem_FREE(buf);
-             return NULL;
-         }
-         memcpy(PyString_AS_STRING(s) + skip, bufptr, len);
--        PyMem_Free(buf);
-+        PyMem_FREE(buf);
-     }
-     return s;
- }
-@@ -2328,7 +2334,30 @@ file_iternext(PyFileObject *f)
-     if (!f->readable)
-         return err_mode("reading");
- 
--    l = readahead_get_line_skip(f, 0, READAHEAD_BUFSIZE);
-+    {
-+        /*
-+          Multiple threads can enter this method while the GIL is released
-+          during file read and wreak havoc on the file object's readahead
-+          buffer. To avoid dealing with cross-thread coordination issues, we
-+          cache the file buffer state locally and only set it back on the file
-+          object when we're done.
-+        */
-+        readaheadbuffer rab = {f->f_buf, f->f_bufptr, f->f_bufend};
-+        f->f_buf = NULL;
-+        l = readahead_get_line_skip(f, &rab, 0, READAHEAD_BUFSIZE);
-+        /*
-+          Make sure the file's internal read buffer is cleared out. This will
-+          only do anything if some other thread interleaved with us during
-+          readahead. We want to drop any changeling buffer, so we don't leak
-+          memory. We may lose data, but that's what you get for reading the same
-+          file object in multiple threads.
-+        */
-+        drop_file_readahead(f);
-+        f->f_buf = rab.buf;
-+        f->f_bufptr = rab.bufptr;
-+        f->f_bufend = rab.bufend;
-+    }
-+
-     if (l == NULL || PyString_GET_SIZE(l) == 0) {
-         Py_XDECREF(l);
-         return NULL;
-@@ -2692,7 +2721,7 @@ int PyObject_AsFileDescriptor(PyObject *
-     }
-     else {
-         PyErr_SetString(PyExc_TypeError,
--                        "argument must be an int, or have a fileno() method.");
-+                        "argument must be an int, or have a fileno() method");
-         return -1;
-     }
diff --git a/python/Pkgfile b/python/Pkgfile
index 3120ef84a..f3784af0f 100644
--- a/python/Pkgfile
+++ b/python/Pkgfile
@@ -4,18 +4,13 @@
 # Depends on:  db gdbm openssl bzip2 zlib sqlite3
 
 name=python
-version=2.7.14
-release=2
+version=2.7.15
+release=1
 source=(http://www.python.org/ftp/$name/$version/Python-$version.tar.xz \
-        CVE-2018-1000030.patch
         pyconfig.h)
 
 build () {
     cd Python-$version
-   
-    # fix for CVE-2018-1000030
-    # see https://bugs.python.org/issue31530
-    patch -p1 -i $SRC/CVE-2018-1000030.patch
 
     # set OPT to the python default without -O3
     # our CFLAGS are used as well


More information about the CRUX mailing list