summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python
diff options
context:
space:
mode:
authorAlejandro Hernandez <alejandro.hernandez@linux.intel.com>2017-01-24 00:55:06 -0600
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-03-01 23:27:06 +0000
commit30b2044de65665470a95e33e934816c0caa91325 (patch)
treece7fdf9bda1aeb07dd362411152b23dc36375e40 /meta/recipes-devtools/python
parent1bd3e545bd14428e0695bafd80fe350a57463363 (diff)
downloadpoky-30b2044de65665470a95e33e934816c0caa91325.tar.gz
python: Upgrade both python and python-native to 2.7.13
Rebased: - python-native/multilib.patch - python/multilib.patch - python/01-use-proper-tools-for-cross-build.patch Upstream: - CVE-2016-1000110 (From OE-Core rev: 2eaadc5464e3340359b626026d80afb6bc01d3f1) Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python')
-rw-r--r--meta/recipes-devtools/python/python-native/multilib.patch96
-rw-r--r--meta/recipes-devtools/python/python-native_2.7.13.bb (renamed from meta/recipes-devtools/python/python-native_2.7.12.bb)0
-rw-r--r--meta/recipes-devtools/python/python.inc4
-rw-r--r--meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch34
-rw-r--r--meta/recipes-devtools/python/python/multilib.patch118
-rw-r--r--meta/recipes-devtools/python/python/python-fix-CVE-2016-1000110.patch162
-rw-r--r--meta/recipes-devtools/python/python_2.7.13.bb (renamed from meta/recipes-devtools/python/python_2.7.12.bb)1
7 files changed, 126 insertions, 289 deletions
diff --git a/meta/recipes-devtools/python/python-native/multilib.patch b/meta/recipes-devtools/python/python-native/multilib.patch
index 916b40f4ab..ad46085094 100644
--- a/meta/recipes-devtools/python/python-native/multilib.patch
+++ b/meta/recipes-devtools/python/python-native/multilib.patch
@@ -12,10 +12,10 @@ Upstream-Status: Inappropriate [oe-specific]
12 12
13Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> 13Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
14 14
15Index: Python-2.7.12/Include/pythonrun.h 15Index: Python-2.7.13/Include/pythonrun.h
16=================================================================== 16===================================================================
17--- Python-2.7.12.orig/Include/pythonrun.h 17--- Python-2.7.13.orig/Include/pythonrun.h
18+++ Python-2.7.12/Include/pythonrun.h 18+++ Python-2.7.13/Include/pythonrun.h
19@@ -108,6 +108,7 @@ PyAPI_FUNC(char *) Py_GetPath(void); 19@@ -108,6 +108,7 @@ PyAPI_FUNC(char *) Py_GetPath(void);
20 /* In their own files */ 20 /* In their own files */
21 PyAPI_FUNC(const char *) Py_GetVersion(void); 21 PyAPI_FUNC(const char *) Py_GetVersion(void);
@@ -24,10 +24,10 @@ Index: Python-2.7.12/Include/pythonrun.h
24 PyAPI_FUNC(const char *) Py_GetCopyright(void); 24 PyAPI_FUNC(const char *) Py_GetCopyright(void);
25 PyAPI_FUNC(const char *) Py_GetCompiler(void); 25 PyAPI_FUNC(const char *) Py_GetCompiler(void);
26 PyAPI_FUNC(const char *) Py_GetBuildInfo(void); 26 PyAPI_FUNC(const char *) Py_GetBuildInfo(void);
27Index: Python-2.7.12/Lib/distutils/command/install.py 27Index: Python-2.7.13/Lib/distutils/command/install.py
28=================================================================== 28===================================================================
29--- Python-2.7.12.orig/Lib/distutils/command/install.py 29--- Python-2.7.13.orig/Lib/distutils/command/install.py
30+++ Python-2.7.12/Lib/distutils/command/install.py 30+++ Python-2.7.13/Lib/distutils/command/install.py
31@@ -22,6 +22,8 @@ from site import USER_BASE 31@@ -22,6 +22,8 @@ from site import USER_BASE
32 from site import USER_SITE 32 from site import USER_SITE
33 33
@@ -46,23 +46,23 @@ Index: Python-2.7.12/Lib/distutils/command/install.py
46 'headers': '$base/include/python$py_version_short/$dist_name', 46 'headers': '$base/include/python$py_version_short/$dist_name',
47 'scripts': '$base/bin', 47 'scripts': '$base/bin',
48 'data' : '$base', 48 'data' : '$base',
49Index: Python-2.7.12/Lib/pydoc.py 49Index: Python-2.7.13/Lib/pydoc.py
50=================================================================== 50===================================================================
51--- Python-2.7.12.orig/Lib/pydoc.py 51--- Python-2.7.13.orig/Lib/pydoc.py
52+++ Python-2.7.12/Lib/pydoc.py 52+++ Python-2.7.13/Lib/pydoc.py
53@@ -384,7 +384,7 @@ class Doc: 53@@ -375,7 +375,7 @@ class Doc:
54 54 docmodule = docclass = docroutine = docother = docproperty = docdata = fail
55 docloc = os.environ.get("PYTHONDOCS", 55
56 "http://docs.python.org/library") 56 def getdocloc(self, object,
57- basedir = os.path.join(sys.exec_prefix, "lib", 57- basedir=os.path.join(sys.exec_prefix, "lib",
58+ basedir = os.path.join(sys.exec_prefix, sys.lib, 58+ basedir=os.path.join(sys.exec_prefix, "sys.lib",
59 "python"+sys.version[0:3]) 59 "python"+sys.version[0:3])):
60 if (isinstance(object, type(os)) and 60 """Return the location of module docs or None"""
61 (object.__name__ in ('errno', 'exceptions', 'gc', 'imp', 61
62Index: Python-2.7.12/Lib/site.py 62Index: Python-2.7.13/Lib/site.py
63=================================================================== 63===================================================================
64--- Python-2.7.12.orig/Lib/site.py 64--- Python-2.7.13.orig/Lib/site.py
65+++ Python-2.7.12/Lib/site.py 65+++ Python-2.7.13/Lib/site.py
66@@ -288,13 +288,19 @@ def getsitepackages(): 66@@ -288,13 +288,19 @@ def getsitepackages():
67 if sys.platform in ('os2emx', 'riscos'): 67 if sys.platform in ('os2emx', 'riscos'):
68 sitepackages.append(os.path.join(prefix, "Lib", "site-packages")) 68 sitepackages.append(os.path.join(prefix, "Lib", "site-packages"))
@@ -83,13 +83,13 @@ Index: Python-2.7.12/Lib/site.py
83 sitepackages.append(prefix) 83 sitepackages.append(prefix)
84- sitepackages.append(os.path.join(prefix, "lib", "site-packages")) 84- sitepackages.append(os.path.join(prefix, "lib", "site-packages"))
85+ sitepackages.append(os.path.join(prefix, sys.lib, "site-packages")) 85+ sitepackages.append(os.path.join(prefix, sys.lib, "site-packages"))
86 if sys.platform == "darwin": 86 return sitepackages
87 # for framework builds *only* we add the standard Apple 87
88 # locations. 88 def addsitepackages(known_paths):
89Index: Python-2.7.12/Lib/test/test_dl.py 89Index: Python-2.7.13/Lib/test/test_dl.py
90=================================================================== 90===================================================================
91--- Python-2.7.12.orig/Lib/test/test_dl.py 91--- Python-2.7.13.orig/Lib/test/test_dl.py
92+++ Python-2.7.12/Lib/test/test_dl.py 92+++ Python-2.7.13/Lib/test/test_dl.py
93@@ -4,10 +4,11 @@ 93@@ -4,10 +4,11 @@
94 import unittest 94 import unittest
95 from test.test_support import verbose, import_module 95 from test.test_support import verbose, import_module
@@ -104,10 +104,10 @@ Index: Python-2.7.12/Lib/test/test_dl.py
104 ('/usr/bin/cygwin1.dll', 'getpid'), 104 ('/usr/bin/cygwin1.dll', 'getpid'),
105 ('/usr/lib/libc.dylib', 'getpid'), 105 ('/usr/lib/libc.dylib', 'getpid'),
106 ] 106 ]
107Index: Python-2.7.12/Lib/trace.py 107Index: Python-2.7.13/Lib/trace.py
108=================================================================== 108===================================================================
109--- Python-2.7.12.orig/Lib/trace.py 109--- Python-2.7.13.orig/Lib/trace.py
110+++ Python-2.7.12/Lib/trace.py 110+++ Python-2.7.13/Lib/trace.py
111@@ -754,10 +754,10 @@ def main(argv=None): 111@@ -754,10 +754,10 @@ def main(argv=None):
112 # should I also call expanduser? (after all, could use $HOME) 112 # should I also call expanduser? (after all, could use $HOME)
113 113
@@ -121,10 +121,10 @@ Index: Python-2.7.12/Lib/trace.py
121 "python" + sys.version[:3])) 121 "python" + sys.version[:3]))
122 s = os.path.normpath(s) 122 s = os.path.normpath(s)
123 ignore_dirs.append(s) 123 ignore_dirs.append(s)
124Index: Python-2.7.12/Makefile.pre.in 124Index: Python-2.7.13/Makefile.pre.in
125=================================================================== 125===================================================================
126--- Python-2.7.12.orig/Makefile.pre.in 126--- Python-2.7.13.orig/Makefile.pre.in
127+++ Python-2.7.12/Makefile.pre.in 127+++ Python-2.7.13/Makefile.pre.in
128@@ -92,6 +92,7 @@ PY_CFLAGS= $(CFLAGS) $(CPPFLAGS) $(CFLAG 128@@ -92,6 +92,7 @@ PY_CFLAGS= $(CFLAGS) $(CPPFLAGS) $(CFLAG
129 129
130 # Machine-dependent subdirectories 130 # Machine-dependent subdirectories
@@ -142,7 +142,7 @@ Index: Python-2.7.12/Makefile.pre.in
142 142
143 # Detailed destination directories 143 # Detailed destination directories
144 BINLIBDEST= $(LIBDIR)/python$(VERSION) 144 BINLIBDEST= $(LIBDIR)/python$(VERSION)
145@@ -669,6 +670,7 @@ Modules/getpath.o: $(srcdir)/Modules/get 145@@ -668,6 +669,7 @@ Modules/getpath.o: $(srcdir)/Modules/get
146 -DEXEC_PREFIX='"$(exec_prefix)"' \ 146 -DEXEC_PREFIX='"$(exec_prefix)"' \
147 -DVERSION='"$(VERSION)"' \ 147 -DVERSION='"$(VERSION)"' \
148 -DVPATH='"$(VPATH)"' \ 148 -DVPATH='"$(VPATH)"' \
@@ -150,7 +150,7 @@ Index: Python-2.7.12/Makefile.pre.in
150 -o $@ $(srcdir)/Modules/getpath.c 150 -o $@ $(srcdir)/Modules/getpath.c
151 151
152 Modules/python.o: $(srcdir)/Modules/python.c 152 Modules/python.o: $(srcdir)/Modules/python.c
153@@ -720,7 +722,7 @@ $(AST_C): $(AST_ASDL) $(ASDLGEN_FILES) 153@@ -708,7 +710,7 @@ $(AST_C): $(AST_ASDL) $(ASDLGEN_FILES)
154 Python/compile.o Python/symtable.o Python/ast.o: $(GRAMMAR_H) $(AST_H) 154 Python/compile.o Python/symtable.o Python/ast.o: $(GRAMMAR_H) $(AST_H)
155 155
156 Python/getplatform.o: $(srcdir)/Python/getplatform.c 156 Python/getplatform.o: $(srcdir)/Python/getplatform.c
@@ -159,10 +159,10 @@ Index: Python-2.7.12/Makefile.pre.in
159 159
160 Python/importdl.o: $(srcdir)/Python/importdl.c 160 Python/importdl.o: $(srcdir)/Python/importdl.c
161 $(CC) -c $(PY_CFLAGS) -I$(DLINCLDIR) -o $@ $(srcdir)/Python/importdl.c 161 $(CC) -c $(PY_CFLAGS) -I$(DLINCLDIR) -o $@ $(srcdir)/Python/importdl.c
162Index: Python-2.7.12/Modules/getpath.c 162Index: Python-2.7.13/Modules/getpath.c
163=================================================================== 163===================================================================
164--- Python-2.7.12.orig/Modules/getpath.c 164--- Python-2.7.13.orig/Modules/getpath.c
165+++ Python-2.7.12/Modules/getpath.c 165+++ Python-2.7.13/Modules/getpath.c
166@@ -100,6 +100,13 @@ 166@@ -100,6 +100,13 @@
167 #error "PREFIX, EXEC_PREFIX, VERSION, and VPATH must be constant defined" 167 #error "PREFIX, EXEC_PREFIX, VERSION, and VPATH must be constant defined"
168 #endif 168 #endif
@@ -186,10 +186,10 @@ Index: Python-2.7.12/Modules/getpath.c
186 186
187 static void 187 static void
188 reduce(char *dir) 188 reduce(char *dir)
189Index: Python-2.7.12/Python/getplatform.c 189Index: Python-2.7.13/Python/getplatform.c
190=================================================================== 190===================================================================
191--- Python-2.7.12.orig/Python/getplatform.c 191--- Python-2.7.13.orig/Python/getplatform.c
192+++ Python-2.7.12/Python/getplatform.c 192+++ Python-2.7.13/Python/getplatform.c
193@@ -10,3 +10,13 @@ Py_GetPlatform(void) 193@@ -10,3 +10,13 @@ Py_GetPlatform(void)
194 { 194 {
195 return PLATFORM; 195 return PLATFORM;
@@ -204,10 +204,10 @@ Index: Python-2.7.12/Python/getplatform.c
204+{ 204+{
205+ return LIB; 205+ return LIB;
206+} 206+}
207Index: Python-2.7.12/Python/sysmodule.c 207Index: Python-2.7.13/Python/sysmodule.c
208=================================================================== 208===================================================================
209--- Python-2.7.12.orig/Python/sysmodule.c 209--- Python-2.7.13.orig/Python/sysmodule.c
210+++ Python-2.7.12/Python/sysmodule.c 210+++ Python-2.7.13/Python/sysmodule.c
211@@ -1437,6 +1437,8 @@ _PySys_Init(void) 211@@ -1437,6 +1437,8 @@ _PySys_Init(void)
212 PyString_FromString(Py_GetCopyright())); 212 PyString_FromString(Py_GetCopyright()));
213 SET_SYS_FROM_STRING("platform", 213 SET_SYS_FROM_STRING("platform",
@@ -217,11 +217,11 @@ Index: Python-2.7.12/Python/sysmodule.c
217 SET_SYS_FROM_STRING("executable", 217 SET_SYS_FROM_STRING("executable",
218 PyString_FromString(Py_GetProgramFullPath())); 218 PyString_FromString(Py_GetProgramFullPath()));
219 SET_SYS_FROM_STRING("prefix", 219 SET_SYS_FROM_STRING("prefix",
220Index: Python-2.7.12/configure.ac 220Index: Python-2.7.13/configure.ac
221=================================================================== 221===================================================================
222--- Python-2.7.12.orig/configure.ac 222--- Python-2.7.13.orig/configure.ac
223+++ Python-2.7.12/configure.ac 223+++ Python-2.7.13/configure.ac
224@@ -756,6 +756,11 @@ SunOS*) 224@@ -759,6 +759,11 @@ SunOS*)
225 ;; 225 ;;
226 esac 226 esac
227 227
diff --git a/meta/recipes-devtools/python/python-native_2.7.12.bb b/meta/recipes-devtools/python/python-native_2.7.13.bb
index 9a6430dba5..9a6430dba5 100644
--- a/meta/recipes-devtools/python/python-native_2.7.12.bb
+++ b/meta/recipes-devtools/python/python-native_2.7.13.bb
diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc
index e51993fce1..b9ec69275a 100644
--- a/meta/recipes-devtools/python/python.inc
+++ b/meta/recipes-devtools/python/python.inc
@@ -9,8 +9,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=6b60258130e4ed10d3101517eb5b9385"
9 9
10SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz" 10SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz"
11 11
12SRC_URI[md5sum] = "57dffcee9cee8bb2ab5f82af1d8e9a69" 12SRC_URI[md5sum] = "53b43534153bb2a0363f08bae8b9d990"
13SRC_URI[sha256sum] = "d7837121dd5652a05fef807c361909d255d173280c4e1a4ded94d73d80a1f978" 13SRC_URI[sha256sum] = "35d543986882f78261f97787fd3e06274bfa6df29fac9b4a94f73930ff98f731"
14 14
15# python recipe is actually python 2.x 15# python recipe is actually python 2.x
16# also, exclude pre-releases for both python 2.x and 3.x 16# also, exclude pre-releases for both python 2.x and 3.x
diff --git a/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch b/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch
index b2a8c3b5a3..366ce3e400 100644
--- a/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch
+++ b/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch
@@ -9,11 +9,11 @@ Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
9Rebased for python-2.7.9 9Rebased for python-2.7.9
10Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> 10Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
11 11
12Index: Python-2.7.12/Makefile.pre.in 12Index: Python-2.7.13/Makefile.pre.in
13=================================================================== 13===================================================================
14--- Python-2.7.12.orig/Makefile.pre.in 14--- Python-2.7.13.orig/Makefile.pre.in
15+++ Python-2.7.12/Makefile.pre.in 15+++ Python-2.7.13/Makefile.pre.in
16@@ -246,6 +246,7 @@ LIBFFI_INCLUDEDIR= @LIBFFI_INCLUDEDIR@ 16@@ -245,6 +245,7 @@ LIBFFI_INCLUDEDIR= @LIBFFI_INCLUDEDIR@
17 ########################################################################## 17 ##########################################################################
18 # Parser 18 # Parser
19 PGEN= Parser/pgen$(EXE) 19 PGEN= Parser/pgen$(EXE)
@@ -21,7 +21,7 @@ Index: Python-2.7.12/Makefile.pre.in
21 21
22 PSRCS= \ 22 PSRCS= \
23 Parser/acceler.c \ 23 Parser/acceler.c \
24@@ -513,7 +514,7 @@ $(BUILDPYTHON): Modules/python.o $(LIBRA 24@@ -512,7 +513,7 @@ $(BUILDPYTHON): Modules/python.o $(LIBRA
25 $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST) 25 $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST)
26 26
27 platform: $(BUILDPYTHON) pybuilddir.txt 27 platform: $(BUILDPYTHON) pybuilddir.txt
@@ -30,16 +30,16 @@ Index: Python-2.7.12/Makefile.pre.in
30 30
31 # Create build directory and generate the sysconfig build-time data there. 31 # Create build directory and generate the sysconfig build-time data there.
32 # pybuilddir.txt contains the name of the build dir and is used for 32 # pybuilddir.txt contains the name of the build dir and is used for
33@@ -684,7 +685,7 @@ $(GRAMMAR_H): $(GRAMMAR_INPUT) $(PGEN) 33@@ -681,7 +682,7 @@ Modules/pwdmodule.o: $(srcdir)/Modules/p
34
35 $(GRAMMAR_H): @GENERATED_COMMENT@ $(GRAMMAR_INPUT) $(PGEN)
34 @$(MKDIR_P) Include 36 @$(MKDIR_P) Include
35 # Avoid copying the file onto itself for an in-tree build 37- $(PGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C)
36 if test "$(cross_compiling)" != "yes"; then \ 38+ $(HOSTPGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C)
37- $(PGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C); \ 39 $(GRAMMAR_C): @GENERATED_COMMENT@ $(GRAMMAR_H)
38+ $(HOSTPGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C); \ 40 touch $(GRAMMAR_C)
39 else \ 41
40 cp $(srcdir)/Include/graminit.h $(GRAMMAR_H).tmp; \ 42@@ -1121,27 +1122,27 @@ libinstall: build_all $(srcdir)/Lib/$(PL
41 mv $(GRAMMAR_H).tmp $(GRAMMAR_H); \
42@@ -1133,27 +1134,27 @@ libinstall: build_all $(srcdir)/Lib/$(PL
43 $(DESTDIR)$(LIBDEST)/distutils/tests ; \ 43 $(DESTDIR)$(LIBDEST)/distutils/tests ; \
44 fi 44 fi
45 PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \ 45 PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
@@ -73,10 +73,10 @@ Index: Python-2.7.12/Makefile.pre.in
73 73
74 # Create the PLATDIR source directory, if one wasn't distributed.. 74 # Create the PLATDIR source directory, if one wasn't distributed..
75 $(srcdir)/Lib/$(PLATDIR): 75 $(srcdir)/Lib/$(PLATDIR):
76Index: Python-2.7.12/setup.py 76Index: Python-2.7.13/setup.py
77=================================================================== 77===================================================================
78--- Python-2.7.12.orig/setup.py 78--- Python-2.7.13.orig/setup.py
79+++ Python-2.7.12/setup.py 79+++ Python-2.7.13/setup.py
80@@ -350,6 +350,7 @@ class PyBuildExt(build_ext): 80@@ -350,6 +350,7 @@ class PyBuildExt(build_ext):
81 self.failed.append(ext.name) 81 self.failed.append(ext.name)
82 self.announce('*** WARNING: renaming "%s" since importing it' 82 self.announce('*** WARNING: renaming "%s" since importing it'
diff --git a/meta/recipes-devtools/python/python/multilib.patch b/meta/recipes-devtools/python/python/multilib.patch
index b169133d7d..50cc5911aa 100644
--- a/meta/recipes-devtools/python/python/multilib.patch
+++ b/meta/recipes-devtools/python/python/multilib.patch
@@ -1,11 +1,11 @@
1Rebased for python-2.7.9 1Rebased for python-2.7.9
2Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> 2Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
3 3
4Index: Python-2.7.12/configure.ac 4Index: Python-2.7.13/configure.ac
5=================================================================== 5===================================================================
6--- Python-2.7.12.orig/configure.ac 6--- Python-2.7.13.orig/configure.ac
7+++ Python-2.7.12/configure.ac 7+++ Python-2.7.13/configure.ac
8@@ -756,6 +756,10 @@ SunOS*) 8@@ -759,6 +759,10 @@ SunOS*)
9 ;; 9 ;;
10 esac 10 esac
11 11
@@ -16,10 +16,10 @@ Index: Python-2.7.12/configure.ac
16 16
17 AC_SUBST(LIBRARY) 17 AC_SUBST(LIBRARY)
18 AC_MSG_CHECKING(LIBRARY) 18 AC_MSG_CHECKING(LIBRARY)
19Index: Python-2.7.12/Include/pythonrun.h 19Index: Python-2.7.13/Include/pythonrun.h
20=================================================================== 20===================================================================
21--- Python-2.7.12.orig/Include/pythonrun.h 21--- Python-2.7.13.orig/Include/pythonrun.h
22+++ Python-2.7.12/Include/pythonrun.h 22+++ Python-2.7.13/Include/pythonrun.h
23@@ -108,6 +108,7 @@ PyAPI_FUNC(char *) Py_GetPath(void); 23@@ -108,6 +108,7 @@ PyAPI_FUNC(char *) Py_GetPath(void);
24 /* In their own files */ 24 /* In their own files */
25 PyAPI_FUNC(const char *) Py_GetVersion(void); 25 PyAPI_FUNC(const char *) Py_GetVersion(void);
@@ -28,10 +28,10 @@ Index: Python-2.7.12/Include/pythonrun.h
28 PyAPI_FUNC(const char *) Py_GetCopyright(void); 28 PyAPI_FUNC(const char *) Py_GetCopyright(void);
29 PyAPI_FUNC(const char *) Py_GetCompiler(void); 29 PyAPI_FUNC(const char *) Py_GetCompiler(void);
30 PyAPI_FUNC(const char *) Py_GetBuildInfo(void); 30 PyAPI_FUNC(const char *) Py_GetBuildInfo(void);
31Index: Python-2.7.12/Lib/distutils/command/install.py 31Index: Python-2.7.13/Lib/distutils/command/install.py
32=================================================================== 32===================================================================
33--- Python-2.7.12.orig/Lib/distutils/command/install.py 33--- Python-2.7.13.orig/Lib/distutils/command/install.py
34+++ Python-2.7.12/Lib/distutils/command/install.py 34+++ Python-2.7.13/Lib/distutils/command/install.py
35@@ -22,6 +22,8 @@ from site import USER_BASE 35@@ -22,6 +22,8 @@ from site import USER_BASE
36 from site import USER_SITE 36 from site import USER_SITE
37 37
@@ -50,10 +50,10 @@ Index: Python-2.7.12/Lib/distutils/command/install.py
50 'headers': '$base/include/python$py_version_short/$dist_name', 50 'headers': '$base/include/python$py_version_short/$dist_name',
51 'scripts': '$base/bin', 51 'scripts': '$base/bin',
52 'data' : '$base', 52 'data' : '$base',
53Index: Python-2.7.12/Lib/distutils/sysconfig.py 53Index: Python-2.7.13/Lib/distutils/sysconfig.py
54=================================================================== 54===================================================================
55--- Python-2.7.12.orig/Lib/distutils/sysconfig.py 55--- Python-2.7.13.orig/Lib/distutils/sysconfig.py
56+++ Python-2.7.12/Lib/distutils/sysconfig.py 56+++ Python-2.7.13/Lib/distutils/sysconfig.py
57@@ -119,8 +119,11 @@ def get_python_lib(plat_specific=0, stan 57@@ -119,8 +119,11 @@ def get_python_lib(plat_specific=0, stan
58 prefix = plat_specific and EXEC_PREFIX or PREFIX 58 prefix = plat_specific and EXEC_PREFIX or PREFIX
59 59
@@ -68,23 +68,23 @@ Index: Python-2.7.12/Lib/distutils/sysconfig.py
68 if standard_lib: 68 if standard_lib:
69 return libpython 69 return libpython
70 else: 70 else:
71Index: Python-2.7.12/Lib/pydoc.py 71Index: Python-2.7.13/Lib/pydoc.py
72=================================================================== 72===================================================================
73--- Python-2.7.12.orig/Lib/pydoc.py 73--- Python-2.7.13.orig/Lib/pydoc.py
74+++ Python-2.7.12/Lib/pydoc.py 74+++ Python-2.7.13/Lib/pydoc.py
75@@ -384,7 +384,7 @@ class Doc: 75@@ -375,7 +375,7 @@ class Doc:
76 docmodule = docclass = docroutine = docother = docproperty = docdata = fail
76 77
77 docloc = os.environ.get("PYTHONDOCS", 78 def getdocloc(self, object,
78 "http://docs.python.org/library") 79- basedir=os.path.join(sys.exec_prefix, "lib",
79- basedir = os.path.join(sys.exec_prefix, "lib", 80+ basedir=os.path.join(sys.exec_prefix, "sys.lib",
80+ basedir = os.path.join(sys.exec_prefix, sys.lib, 81 "python"+sys.version[0:3])):
81 "python"+sys.version[0:3]) 82 """Return the location of module docs or None"""
82 if (isinstance(object, type(os)) and 83
83 (object.__name__ in ('errno', 'exceptions', 'gc', 'imp', 84Index: Python-2.7.13/Lib/site.py
84Index: Python-2.7.12/Lib/site.py
85=================================================================== 85===================================================================
86--- Python-2.7.12.orig/Lib/site.py 86--- Python-2.7.13.orig/Lib/site.py
87+++ Python-2.7.12/Lib/site.py 87+++ Python-2.7.13/Lib/site.py
88@@ -288,13 +288,18 @@ def getsitepackages(): 88@@ -288,13 +288,18 @@ def getsitepackages():
89 if sys.platform in ('os2emx', 'riscos'): 89 if sys.platform in ('os2emx', 'riscos'):
90 sitepackages.append(os.path.join(prefix, "Lib", "site-packages")) 90 sitepackages.append(os.path.join(prefix, "Lib", "site-packages"))
@@ -104,13 +104,13 @@ Index: Python-2.7.12/Lib/site.py
104 sitepackages.append(prefix) 104 sitepackages.append(prefix)
105- sitepackages.append(os.path.join(prefix, "lib", "site-packages")) 105- sitepackages.append(os.path.join(prefix, "lib", "site-packages"))
106+ sitepackages.append(os.path.join(prefix, sys.lib, "site-packages")) 106+ sitepackages.append(os.path.join(prefix, sys.lib, "site-packages"))
107 if sys.platform == "darwin": 107 return sitepackages
108 # for framework builds *only* we add the standard Apple 108
109 # locations. 109 def addsitepackages(known_paths):
110Index: Python-2.7.12/Lib/sysconfig.py 110Index: Python-2.7.13/Lib/sysconfig.py
111=================================================================== 111===================================================================
112--- Python-2.7.12.orig/Lib/sysconfig.py 112--- Python-2.7.13.orig/Lib/sysconfig.py
113+++ Python-2.7.12/Lib/sysconfig.py 113+++ Python-2.7.13/Lib/sysconfig.py
114@@ -7,10 +7,10 @@ from os.path import pardir, realpath 114@@ -7,10 +7,10 @@ from os.path import pardir, realpath
115 115
116 _INSTALL_SCHEMES = { 116 _INSTALL_SCHEMES = {
@@ -139,10 +139,10 @@ Index: Python-2.7.12/Lib/sysconfig.py
139 'include': '{userbase}/include/python{py_version_short}', 139 'include': '{userbase}/include/python{py_version_short}',
140 'scripts': '{userbase}/bin', 140 'scripts': '{userbase}/bin',
141 'data' : '{userbase}', 141 'data' : '{userbase}',
142Index: Python-2.7.12/Lib/test/test_dl.py 142Index: Python-2.7.13/Lib/test/test_dl.py
143=================================================================== 143===================================================================
144--- Python-2.7.12.orig/Lib/test/test_dl.py 144--- Python-2.7.13.orig/Lib/test/test_dl.py
145+++ Python-2.7.12/Lib/test/test_dl.py 145+++ Python-2.7.13/Lib/test/test_dl.py
146@@ -4,10 +4,11 @@ 146@@ -4,10 +4,11 @@
147 import unittest 147 import unittest
148 from test.test_support import verbose, import_module 148 from test.test_support import verbose, import_module
@@ -157,14 +157,14 @@ Index: Python-2.7.12/Lib/test/test_dl.py
157 ('/usr/bin/cygwin1.dll', 'getpid'), 157 ('/usr/bin/cygwin1.dll', 'getpid'),
158 ('/usr/lib/libc.dylib', 'getpid'), 158 ('/usr/lib/libc.dylib', 'getpid'),
159 ] 159 ]
160Index: Python-2.7.12/Lib/test/test_site.py 160Index: Python-2.7.13/Lib/test/test_site.py
161=================================================================== 161===================================================================
162--- Python-2.7.12.orig/Lib/test/test_site.py 162--- Python-2.7.13.orig/Lib/test/test_site.py
163+++ Python-2.7.12/Lib/test/test_site.py 163+++ Python-2.7.13/Lib/test/test_site.py
164@@ -246,12 +246,16 @@ class HelperFunctionsTests(unittest.Test 164@@ -235,12 +235,16 @@ class HelperFunctionsTests(unittest.Test
165 self.assertEqual(dirs[2], wanted) 165 self.assertEqual(dirs[0], wanted)
166 elif os.sep == '/': 166 elif os.sep == '/':
167 # OS X non-framwework builds, Linux, FreeBSD, etc 167 # OS X, Linux, FreeBSD, etc
168- self.assertEqual(len(dirs), 2) 168- self.assertEqual(len(dirs), 2)
169 wanted = os.path.join('xoxo', 'lib', 'python' + sys.version[:3], 169 wanted = os.path.join('xoxo', 'lib', 'python' + sys.version[:3],
170 'site-packages') 170 'site-packages')
@@ -181,10 +181,10 @@ Index: Python-2.7.12/Lib/test/test_site.py
181 else: 181 else:
182 # other platforms 182 # other platforms
183 self.assertEqual(len(dirs), 2) 183 self.assertEqual(len(dirs), 2)
184Index: Python-2.7.12/Lib/trace.py 184Index: Python-2.7.13/Lib/trace.py
185=================================================================== 185===================================================================
186--- Python-2.7.12.orig/Lib/trace.py 186--- Python-2.7.13.orig/Lib/trace.py
187+++ Python-2.7.12/Lib/trace.py 187+++ Python-2.7.13/Lib/trace.py
188@@ -754,10 +754,10 @@ def main(argv=None): 188@@ -754,10 +754,10 @@ def main(argv=None):
189 # should I also call expanduser? (after all, could use $HOME) 189 # should I also call expanduser? (after all, could use $HOME)
190 190
@@ -198,10 +198,10 @@ Index: Python-2.7.12/Lib/trace.py
198 "python" + sys.version[:3])) 198 "python" + sys.version[:3]))
199 s = os.path.normpath(s) 199 s = os.path.normpath(s)
200 ignore_dirs.append(s) 200 ignore_dirs.append(s)
201Index: Python-2.7.12/Makefile.pre.in 201Index: Python-2.7.13/Makefile.pre.in
202=================================================================== 202===================================================================
203--- Python-2.7.12.orig/Makefile.pre.in 203--- Python-2.7.13.orig/Makefile.pre.in
204+++ Python-2.7.12/Makefile.pre.in 204+++ Python-2.7.13/Makefile.pre.in
205@@ -92,6 +92,7 @@ PY_CFLAGS= $(CFLAGS) $(CPPFLAGS) $(CFLAG 205@@ -92,6 +92,7 @@ PY_CFLAGS= $(CFLAGS) $(CPPFLAGS) $(CFLAG
206 206
207 # Machine-dependent subdirectories 207 # Machine-dependent subdirectories
@@ -219,7 +219,7 @@ Index: Python-2.7.12/Makefile.pre.in
219 219
220 # Detailed destination directories 220 # Detailed destination directories
221 BINLIBDEST= $(LIBDIR)/python$(VERSION) 221 BINLIBDEST= $(LIBDIR)/python$(VERSION)
222@@ -670,6 +671,7 @@ Modules/getpath.o: $(srcdir)/Modules/get 222@@ -669,6 +670,7 @@ Modules/getpath.o: $(srcdir)/Modules/get
223 -DEXEC_PREFIX='"$(exec_prefix)"' \ 223 -DEXEC_PREFIX='"$(exec_prefix)"' \
224 -DVERSION='"$(VERSION)"' \ 224 -DVERSION='"$(VERSION)"' \
225 -DVPATH='"$(VPATH)"' \ 225 -DVPATH='"$(VPATH)"' \
@@ -227,7 +227,7 @@ Index: Python-2.7.12/Makefile.pre.in
227 -o $@ $(srcdir)/Modules/getpath.c 227 -o $@ $(srcdir)/Modules/getpath.c
228 228
229 Modules/python.o: $(srcdir)/Modules/python.c 229 Modules/python.o: $(srcdir)/Modules/python.c
230@@ -721,7 +723,7 @@ $(AST_C): $(AST_ASDL) $(ASDLGEN_FILES) 230@@ -709,7 +711,7 @@ $(AST_C): $(AST_ASDL) $(ASDLGEN_FILES)
231 Python/compile.o Python/symtable.o Python/ast.o: $(GRAMMAR_H) $(AST_H) 231 Python/compile.o Python/symtable.o Python/ast.o: $(GRAMMAR_H) $(AST_H)
232 232
233 Python/getplatform.o: $(srcdir)/Python/getplatform.c 233 Python/getplatform.o: $(srcdir)/Python/getplatform.c
@@ -236,10 +236,10 @@ Index: Python-2.7.12/Makefile.pre.in
236 236
237 Python/importdl.o: $(srcdir)/Python/importdl.c 237 Python/importdl.o: $(srcdir)/Python/importdl.c
238 $(CC) -c $(PY_CFLAGS) -I$(DLINCLDIR) -o $@ $(srcdir)/Python/importdl.c 238 $(CC) -c $(PY_CFLAGS) -I$(DLINCLDIR) -o $@ $(srcdir)/Python/importdl.c
239Index: Python-2.7.12/Modules/getpath.c 239Index: Python-2.7.13/Modules/getpath.c
240=================================================================== 240===================================================================
241--- Python-2.7.12.orig/Modules/getpath.c 241--- Python-2.7.13.orig/Modules/getpath.c
242+++ Python-2.7.12/Modules/getpath.c 242+++ Python-2.7.13/Modules/getpath.c
243@@ -100,6 +100,13 @@ 243@@ -100,6 +100,13 @@
244 #error "PREFIX, EXEC_PREFIX, VERSION, and VPATH must be constant defined" 244 #error "PREFIX, EXEC_PREFIX, VERSION, and VPATH must be constant defined"
245 #endif 245 #endif
@@ -263,10 +263,10 @@ Index: Python-2.7.12/Modules/getpath.c
263 263
264 static void 264 static void
265 reduce(char *dir) 265 reduce(char *dir)
266Index: Python-2.7.12/Python/getplatform.c 266Index: Python-2.7.13/Python/getplatform.c
267=================================================================== 267===================================================================
268--- Python-2.7.12.orig/Python/getplatform.c 268--- Python-2.7.13.orig/Python/getplatform.c
269+++ Python-2.7.12/Python/getplatform.c 269+++ Python-2.7.13/Python/getplatform.c
270@@ -10,3 +10,13 @@ Py_GetPlatform(void) 270@@ -10,3 +10,13 @@ Py_GetPlatform(void)
271 { 271 {
272 return PLATFORM; 272 return PLATFORM;
@@ -281,10 +281,10 @@ Index: Python-2.7.12/Python/getplatform.c
281+{ 281+{
282+ return LIB; 282+ return LIB;
283+} 283+}
284Index: Python-2.7.12/Python/sysmodule.c 284Index: Python-2.7.13/Python/sysmodule.c
285=================================================================== 285===================================================================
286--- Python-2.7.12.orig/Python/sysmodule.c 286--- Python-2.7.13.orig/Python/sysmodule.c
287+++ Python-2.7.12/Python/sysmodule.c 287+++ Python-2.7.13/Python/sysmodule.c
288@@ -1437,6 +1437,8 @@ _PySys_Init(void) 288@@ -1437,6 +1437,8 @@ _PySys_Init(void)
289 PyString_FromString(Py_GetCopyright())); 289 PyString_FromString(Py_GetCopyright()));
290 SET_SYS_FROM_STRING("platform", 290 SET_SYS_FROM_STRING("platform",
diff --git a/meta/recipes-devtools/python/python/python-fix-CVE-2016-1000110.patch b/meta/recipes-devtools/python/python/python-fix-CVE-2016-1000110.patch
deleted file mode 100644
index 97888e2b08..0000000000
--- a/meta/recipes-devtools/python/python/python-fix-CVE-2016-1000110.patch
+++ /dev/null
@@ -1,162 +0,0 @@
1From cb25fbd5abc0f4eb07dbb8ea819e9c26bda4fc99 Mon Sep 17 00:00:00 2001
2From: Senthil Kumaran <senthil@uthcode.com>
3Date: Sat, 30 Jul 2016 05:49:53 -0700
4Subject: [PATCH] python: fix CVE-2016-1000110
5MIME-Version: 1.0
6Content-Type: text/plain; charset=UTF-8
7Content-Transfer-Encoding: 8bit
8
9Prevent HTTPoxy attack (CVE-2016-1000110)
10
11Ignore the HTTP_PROXY variable when REQUEST_METHOD environment is set, which
12indicates that the script is in CGI mode.
13
14Issue reported and patch contributed by Rémi Rampin.
15
16Backport patch from https://hg.python.org/cpython/rev/ba915d561667/
17
18Upstream-Status: Backport
19CVE: CVE-2016-1000110
20Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
21---
22 Doc/howto/urllib2.rst | 5 +++++
23 Doc/library/urllib.rst | 10 ++++++++++
24 Doc/library/urllib2.rst | 5 +++++
25 Lib/test/test_urllib.py | 12 ++++++++++++
26 Lib/urllib.py | 9 +++++++++
27 Misc/ACKS | 1 +
28 Misc/NEWS | 4 ++++
29 7 files changed, 46 insertions(+)
30
31diff --git a/Doc/howto/urllib2.rst b/Doc/howto/urllib2.rst
32index 6bb06d4..5cf2c0c 100644
33--- a/Doc/howto/urllib2.rst
34+++ b/Doc/howto/urllib2.rst
35@@ -525,6 +525,11 @@ setting up a `Basic Authentication`_ handler: ::
36 through a proxy. However, this can be enabled by extending urllib2 as
37 shown in the recipe [#]_.
38
39+.. note::
40+
41+ ``HTTP_PROXY`` will be ignored if a variable ``REQUEST_METHOD`` is set; see
42+ the documentation on :func:`~urllib.getproxies`.
43+
44
45 Sockets and Layers
46 ==================
47diff --git a/Doc/library/urllib.rst b/Doc/library/urllib.rst
48index 3b5dc16..bddcba9 100644
49--- a/Doc/library/urllib.rst
50+++ b/Doc/library/urllib.rst
51@@ -295,6 +295,16 @@ Utility functions
52 If both lowercase and uppercase environment variables exist (and disagree),
53 lowercase is preferred.
54
55+ .. note::
56+
57+ If the environment variable ``REQUEST_METHOD`` is set, which usually
58+ indicates your script is running in a CGI environment, the environment
59+ variable ``HTTP_PROXY`` (uppercase ``_PROXY``) will be ignored. This is
60+ because that variable can be injected by a client using the "Proxy:"
61+ HTTP header. If you need to use an HTTP proxy in a CGI environment,
62+ either use ``ProxyHandler`` explicitly, or make sure the variable name
63+ is in lowercase (or at least the ``_proxy`` suffix).
64+
65 .. note::
66 urllib also exposes certain utility functions like splittype, splithost and
67 others parsing URL into various components. But it is recommended to use
68diff --git a/Doc/library/urllib2.rst b/Doc/library/urllib2.rst
69index 8a4c80e..b808b98 100644
70--- a/Doc/library/urllib2.rst
71+++ b/Doc/library/urllib2.rst
72@@ -229,6 +229,11 @@ The following classes are provided:
73
74 To disable autodetected proxy pass an empty dictionary.
75
76+ .. note::
77+
78+ ``HTTP_PROXY`` will be ignored if a variable ``REQUEST_METHOD`` is set;
79+ see the documentation on :func:`~urllib.getproxies`.
80+
81
82 .. class:: HTTPPasswordMgr()
83
84diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
85index 434d533..27a1d38 100644
86--- a/Lib/test/test_urllib.py
87+++ b/Lib/test/test_urllib.py
88@@ -170,6 +170,18 @@ class ProxyTests(unittest.TestCase):
89 self.assertTrue(urllib.proxy_bypass_environment('anotherdomain.com:8888'))
90 self.assertTrue(urllib.proxy_bypass_environment('newdomain.com:1234'))
91
92+ def test_proxy_cgi_ignore(self):
93+ try:
94+ self.env.set('HTTP_PROXY', 'http://somewhere:3128')
95+ proxies = urllib.getproxies_environment()
96+ self.assertEqual('http://somewhere:3128', proxies['http'])
97+ self.env.set('REQUEST_METHOD', 'GET')
98+ proxies = urllib.getproxies_environment()
99+ self.assertNotIn('http', proxies)
100+ finally:
101+ self.env.unset('REQUEST_METHOD')
102+ self.env.unset('HTTP_PROXY')
103+
104 def test_proxy_bypass_environment_host_match(self):
105 bypass = urllib.proxy_bypass_environment
106 self.env.set('NO_PROXY',
107diff --git a/Lib/urllib.py b/Lib/urllib.py
108index 139fab9..c3ba2c9 100644
109--- a/Lib/urllib.py
110+++ b/Lib/urllib.py
111@@ -1380,12 +1380,21 @@ def getproxies_environment():
112 If you need a different way, you can pass a proxies dictionary to the
113 [Fancy]URLopener constructor.
114 """
115+ # Get all variables
116 proxies = {}
117 for name, value in os.environ.items():
118 name = name.lower()
119 if value and name[-6:] == '_proxy':
120 proxies[name[:-6]] = value
121
122+ # CVE-2016-1000110 - If we are running as CGI script, forget HTTP_PROXY
123+ # (non-all-lowercase) as it may be set from the web server by a "Proxy:"
124+ # header from the client
125+ # If "proxy" is lowercase, it will still be used thanks to the next block
126+ if 'REQUEST_METHOD' in os.environ:
127+ proxies.pop('http', None)
128+
129+ # Get lowercase variables
130 for name, value in os.environ.items():
131 if name[-6:] == '_proxy':
132 name = name.lower()
133diff --git a/Misc/ACKS b/Misc/ACKS
134index ee3a465..9c374b7 100644
135--- a/Misc/ACKS
136+++ b/Misc/ACKS
137@@ -1121,6 +1121,7 @@ Burton Radons
138 Jeff Ramnani
139 Varpu Rantala
140 Brodie Rao
141+Rémi Rampin
142 Senko Rasic
143 Antti Rasinen
144 Nikolaus Rath
145diff --git a/Misc/NEWS b/Misc/NEWS
146index 4ab3a70..cc2f65b 100644
147--- a/Misc/NEWS
148+++ b/Misc/NEWS
149@@ -187,6 +187,10 @@ Library
150 - Issue #26644: Raise ValueError rather than SystemError when a negative
151 length is passed to SSLSocket.recv() or read().
152
153+- Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the
154+ HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates
155+ that the script is in CGI mode.
156+
157 - Issue #23804: Fix SSL recv(0) and read(0) methods to return zero bytes
158 instead of up to 1024.
159
160--
1612.8.1
162
diff --git a/meta/recipes-devtools/python/python_2.7.12.bb b/meta/recipes-devtools/python/python_2.7.13.bb
index 2c6a3194a2..4ef99523e0 100644
--- a/meta/recipes-devtools/python/python_2.7.12.bb
+++ b/meta/recipes-devtools/python/python_2.7.13.bb
@@ -26,7 +26,6 @@ SRC_URI += "\
26 file://parallel-makeinst-create-bindir.patch \ 26 file://parallel-makeinst-create-bindir.patch \
27 file://use_sysroot_ncurses_instead_of_host.patch \ 27 file://use_sysroot_ncurses_instead_of_host.patch \
28 file://add-CROSSPYTHONPATH-for-PYTHON_FOR_BUILD.patch \ 28 file://add-CROSSPYTHONPATH-for-PYTHON_FOR_BUILD.patch \
29 file://python-fix-CVE-2016-1000110.patch \
30 file://Don-t-use-getentropy-on-Linux.patch \ 29 file://Don-t-use-getentropy-on-Linux.patch \
31" 30"
32 31
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-14 20:00:15 +0000