summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2016-07-16 16:04:15 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-07-20 10:28:52 +0100
commitd1fdd0ad55cbf8908730b1bb104908ded5213a38 (patch)
treee8226fe1f6b8cc05e4ddff3b9af2ac56671b009f /meta
parent81106cd333b03d78fc090dd09dd796cf083744e7 (diff)
downloadpoky-d1fdd0ad55cbf8908730b1bb104908ded5213a38.tar.gz
python3: Security fix CVE-2016-5636
Affects python3 < 3.5.1 Base Score (4.4) Medium (From OE-Core rev: a7cbd6805febadaad60d1e05899e10e9a8a36c26) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-devtools/python/python3/CVE-2016-5636.patch44
-rw-r--r--meta/recipes-devtools/python/python3_3.5.1.bb1
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3/CVE-2016-5636.patch b/meta/recipes-devtools/python/python3/CVE-2016-5636.patch
new file mode 100644
index 0000000000..0d494d20f4
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2016-5636.patch
@@ -0,0 +1,44 @@
1
2# HG changeset patch
3# User Benjamin Peterson <benjamin@python.org>
4# Date 1453357506 28800
5# Node ID 10dad6da1b28ea4af78ad9529e469fdbf4ebbc8f
6# Parent a3ac2cd93db9d5336dfd7b5b27efde2c568d8794# Parent 01ddd608b85c85952537d95a43bbabf4fb655057
7merge 3.4 (#26171)
8
9Upstream-Status: Backport
10CVE: CVE-2016-5636
11
12https://hg.python.org/cpython/raw-rev/10dad6da1b28
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15Index: Python-3.5.1/Misc/NEWS
16===================================================================
17--- Python-3.5.1.orig/Misc/NEWS
18+++ Python-3.5.1/Misc/NEWS
19@@ -91,6 +91,9 @@ Core and Builtins
20 Python.h header to fix a compilation error with OpenMP. PyThreadState_GET()
21 becomes an alias to PyThreadState_Get() to avoid ABI incompatibilies.
22
23+- Issue #26171: Fix possible integer overflow and heap corruption in
24+ zipimporter.get_data().
25+
26 Library
27 -------
28
29Index: Python-3.5.1/Modules/zipimport.c
30===================================================================
31--- Python-3.5.1.orig/Modules/zipimport.c
32+++ Python-3.5.1/Modules/zipimport.c
33@@ -1112,6 +1112,11 @@ get_data(PyObject *archive, PyObject *to
34 }
35 file_offset += l; /* Start of file data */
36
37+ if (data_size > LONG_MAX - 1) {
38+ fclose(fp);
39+ PyErr_NoMemory();
40+ return NULL;
41+ }
42 bytes_size = compress == 0 ? data_size : data_size + 1;
43 if (bytes_size == 0)
44 bytes_size++;
diff --git a/meta/recipes-devtools/python/python3_3.5.1.bb b/meta/recipes-devtools/python/python3_3.5.1.bb
index 0d667d2ad8..bf29d1252f 100644
--- a/meta/recipes-devtools/python/python3_3.5.1.bb
+++ b/meta/recipes-devtools/python/python3_3.5.1.bb
@@ -37,6 +37,7 @@ SRC_URI += "\
37 file://setup.py-find-libraries-in-staging-dirs.patch \ 37 file://setup.py-find-libraries-in-staging-dirs.patch \
38 file://use_packed_importlib.patch \ 38 file://use_packed_importlib.patch \
39 file://configure.ac-fix-LIBPL.patch \ 39 file://configure.ac-fix-LIBPL.patch \
40 file://CVE-2016-5636.patch \
40 " 41 "
41SRC_URI[md5sum] = "e9ea6f2623fffcdd871b7b19113fde80" 42SRC_URI[md5sum] = "e9ea6f2623fffcdd871b7b19113fde80"
42SRC_URI[sha256sum] = "c6d57c0c366d9060ab6c0cdf889ebf3d92711d466cc0119c441dbf2746f725c9" 43SRC_URI[sha256sum] = "c6d57c0c366d9060ab6c0cdf889ebf3d92711d466cc0119c441dbf2746f725c9"