1 files changed, 0 insertions, 44 deletions
diff --git a/meta/recipes-devtools/python/python3/CVE-2016-5636.patch b/meta/recipes-devtools/python/python3/CVE-2016-5636.patch
deleted file mode 100644
index 0d494d20f4..0000000000
--- a/meta/recipes-devtools/python/python3/CVE-2016-5636.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-# HG changeset patch
-# User Benjamin Peterson <benjamin@python.org>
-# Date 1453357506 28800
-# Node ID 10dad6da1b28ea4af78ad9529e469fdbf4ebbc8f
-# Parent  a3ac2cd93db9d5336dfd7b5b27efde2c568d8794# Parent  01ddd608b85c85952537d95a43bbabf4fb655057
-merge 3.4 (#26171)
-Upstream-Status: Backport
-CVE: CVE-2016-5636
-https://hg.python.org/cpython/raw-rev/10dad6da1b28
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-Index: Python-3.5.1/Misc/NEWS
-===================================================================
--- Python-3.5.1.orig/Misc/NEWS
-+++ Python-3.5.1/Misc/NEWS
-@@ -91,6 +91,9 @@ Core and Builtins
-   Python.h header to fix a compilation error with OpenMP. PyThreadState_GET()
-   becomes an alias to PyThreadState_Get() to avoid ABI incompatibilies.
- 
-+- Issue #26171: Fix possible integer overflow and heap corruption in
-+  zipimporter.get_data().
-+
- Library
- -------
- 
-Index: Python-3.5.1/Modules/zipimport.c
-===================================================================
--- Python-3.5.1.orig/Modules/zipimport.c
-+++ Python-3.5.1/Modules/zipimport.c
-@@ -1112,6 +1112,11 @@ get_data(PyObject *archive, PyObject *to
-     }
-     file_offset += l;           /* Start of file data */
- 
-+    if (data_size > LONG_MAX - 1) {
-+        fclose(fp);
-+        PyErr_NoMemory();
-+        return NULL;
-+    }
-     bytes_size = compress == 0 ? data_size : data_size + 1;
-     if (bytes_size == 0)
-         bytes_size++;

diff --git a/meta/recipes-devtools/python/python3/CVE-2016-5636.patch b/meta/recipes-devtools/python/python3/CVE-2016-5636.patch deleted file mode 100644 index 0d494d20f4..0000000000 --- a/meta/recipes-devtools/python/python3/CVE-2016-5636.patch +++ /dev/null
@@ -1,44 +0,0 @@
1
2	# HG changeset patch
3	# User Benjamin Peterson <benjamin@python.org>
4	# Date 1453357506 28800
5	# Node ID 10dad6da1b28ea4af78ad9529e469fdbf4ebbc8f
6	# Parent a3ac2cd93db9d5336dfd7b5b27efde2c568d8794# Parent 01ddd608b85c85952537d95a43bbabf4fb655057
7	merge 3.4 (#26171)
8
9	Upstream-Status: Backport
10	CVE: CVE-2016-5636
11
12	https://hg.python.org/cpython/raw-rev/10dad6da1b28
13	Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15	Index: Python-3.5.1/Misc/NEWS
16	===================================================================
17	--- Python-3.5.1.orig/Misc/NEWS
18	+++ Python-3.5.1/Misc/NEWS
19	@@ -91,6 +91,9 @@ Core and Builtins
20	Python.h header to fix a compilation error with OpenMP. PyThreadState_GET()
21	becomes an alias to PyThreadState_Get() to avoid ABI incompatibilies.
22
23	+- Issue #26171: Fix possible integer overflow and heap corruption in
24	+ zipimporter.get_data().
25	+
26	Library
27	-------
28
29	Index: Python-3.5.1/Modules/zipimport.c
30	===================================================================
31	--- Python-3.5.1.orig/Modules/zipimport.c
32	+++ Python-3.5.1/Modules/zipimport.c
33	@@ -1112,6 +1112,11 @@ get_data(PyObject archive, PyObject to
34	}
35	file_offset += l; /* Start of file data */
36
37	+ if (data_size > LONG_MAX - 1) {
38	+ fclose(fp);
39	+ PyErr_NoMemory();
40	+ return NULL;
41	+ }
42	bytes_size = compress == 0 ? data_size : data_size + 1;
43	if (bytes_size == 0)
44	bytes_size++;