python: Backport CVE-2013-1752 fix from upstream

This back ported patch fixes CVE-2013-1752 for
ftplib,imaplib,nntplib and poplib
References:
http://bugs.python.org/issue16038
http://bugs.python.org/issue16039
http://bugs.python.org/issue16040
http://bugs.python.org/issue16041
https://access.redhat.com/security/cve/CVE-2013-1752

The ftplib,imaplib,nntplib and poplib modules doesn't limit the amount
of read data in its call to readline().
The modules should be modified to use limited readline() with _MAXLINE.

Signed-off-by: Tudor Florea <tudor.florea@enea.com>

1 files changed, 4 insertions, 0 deletions

diff --git a/meta/recipes-devtools/python/python_2.7.3.bb b/meta/recipes-devtools/python/python_2.7.3.bb
index bde7a70cf7..8c3b08ebb9 100644
--- a/meta/recipes-devtools/python/python_2.7.3.bb
+++ b/meta/recipes-devtools/python/python_2.7.3.bb
@@ -40,6 +40,10 @@ SRC_URI += "\
   file://python2.7.3-nossl3.patch \
   file://python-2.7.3-CVE-2014-7185.patch \
   file://python-2.7.3-CVE-2013-1752-httplib-fix.patch \
+  file://python-2.7.3-CVE-2013-1752-ftplib-fix.patch \
+  file://python-2.7.3-CVE-2013-1752-imaplib-fix.patch \
+  file://python-2.7.3-CVE-2013-1752-nntplib-fix.patch \
+  file://python-2.7.3-CVE-2013-1752-poplib-fix.patch \
 "
 
 S = "${WORKDIR}/Python-${PV}"