summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2016-07-16 16:04:14 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-07-20 10:28:52 +0100
commit81106cd333b03d78fc090dd09dd796cf083744e7 (patch)
treefb03ab49557f258321a994da892d983b175ecfb0 /meta/recipes-devtools/python
parent3aaf0232027629b868c85a8f86c2d26e5e9c7ea9 (diff)
downloadpoky-81106cd333b03d78fc090dd09dd796cf083744e7.tar.gz
python2: Security fix CVE-2016-5636
Affects python2 < 2.7.11 Base score (4.4) Medium (From OE-Core rev: 4d1f651047a045955b436357753c7e094468b4ed) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python')
-rw-r--r--meta/recipes-devtools/python/python/CVE-2016-5636.patch44
-rw-r--r--meta/recipes-devtools/python/python_2.7.11.bb1
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python/CVE-2016-5636.patch b/meta/recipes-devtools/python/python/CVE-2016-5636.patch
new file mode 100644
index 0000000000..9a37471459
--- /dev/null
+++ b/meta/recipes-devtools/python/python/CVE-2016-5636.patch
@@ -0,0 +1,44 @@
1
2# HG changeset patch
3# User Benjamin Peterson <benjamin@python.org>
4# Date 1453357424 28800
5# Node ID 985fc64c60d6adffd1138b6cc46df388ca91ca5d
6# Parent 7ec954b9fc54448a35b56d271340ba109eb381b9
7prevent buffer overflow in get_data (closes #26171)
8
9Upstream-Status: Backport
10https://hg.python.org/cpython/rev/985fc64c60d6
11
12CVE: CVE-2016-5636
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15Index: Python-2.7.11/Misc/NEWS
16===================================================================
17--- Python-2.7.11.orig/Misc/NEWS
18+++ Python-2.7.11/Misc/NEWS
19@@ -7,6 +7,9 @@ What's New in Python 2.7.11?
20
21 *Release date: 2015-12-05*
22
23+- Issue #26171: Fix possible integer overflow and heap corruption in
24+ zipimporter.get_data().
25+
26 Library
27 -------
28
29Index: Python-2.7.11/Modules/zipimport.c
30===================================================================
31--- Python-2.7.11.orig/Modules/zipimport.c
32+++ Python-2.7.11/Modules/zipimport.c
33@@ -895,6 +895,11 @@ get_data(char *archive, PyObject *toc_en
34 PyMarshal_ReadShortFromFile(fp); /* local header size */
35 file_offset += l; /* Start of file data */
36
37+ if (data_size > LONG_MAX - 1) {
38+ fclose(fp);
39+ PyErr_NoMemory();
40+ return NULL;
41+ }
42 raw_data = PyString_FromStringAndSize((char *)NULL, compress == 0 ?
43 data_size : data_size + 1);
44 if (raw_data == NULL) {
diff --git a/meta/recipes-devtools/python/python_2.7.11.bb b/meta/recipes-devtools/python/python_2.7.11.bb
index 7eced2dcdc..1e4a30d1ff 100644
--- a/meta/recipes-devtools/python/python_2.7.11.bb
+++ b/meta/recipes-devtools/python/python_2.7.11.bb
@@ -27,6 +27,7 @@ SRC_URI += "\
27 file://use_sysroot_ncurses_instead_of_host.patch \ 27 file://use_sysroot_ncurses_instead_of_host.patch \
28 file://avoid_parallel_make_races_on_pgen.patch \ 28 file://avoid_parallel_make_races_on_pgen.patch \
29 file://add-CROSSPYTHONPATH-for-PYTHON_FOR_BUILD.patch \ 29 file://add-CROSSPYTHONPATH-for-PYTHON_FOR_BUILD.patch \
30 file://CVE-2016-5636.patch \
30" 31"
31 32
32S = "${WORKDIR}/Python-${PV}" 33S = "${WORKDIR}/Python-${PV}"