6e205b10c0
Fixes the following security issues:
- CVE-2013-1752: Change use of readline() in :class:`imaplib.IMAP4_SSL` to limit line length
- CVE-2018-14647: The C accelerated _elementtree module now initializes hash
randomization salt from _Py_HashSecret instead of libexpat's default
CSPRNG.
For more details, see the NEWS file:
https://github.com/python/cpython/blob/v2.7.16/Misc/NEWS.d/2.7.16rc1.rst
Refresh patches, drop now upstream
package/python/0035-bpo-35746-Fix-segfault-in-ssl-s-cert-parser-GH-11569.patch
and adjust hash of LICENSE file for a change of copyright years.
run-tests results:
16:05:41 TestPython2 Starting
16:05:42 TestPython2 Building
16:11:26 TestPython2 Building done
16:11:32 TestPython2 Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 351.905s
OK
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c970d7d640
)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
33 lines
998 B
Diff
33 lines
998 B
Diff
From 479bef8182c4f6b678a86820ccc06760ca60c286 Mon Sep 17 00:00:00 2001
|
|
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Date: Tue, 7 Mar 2017 22:33:02 +0100
|
|
Subject: [PATCH] Add option to disable the hashlib module
|
|
|
|
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
[Peter: update for 2.7.16]
|
|
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
---
|
|
configure.ac | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
|
index 6d19cdee95..ddccc79c2c 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -2869,6 +2869,12 @@ AC_ARG_ENABLE(ssl,
|
|
DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _ssl"
|
|
fi])
|
|
|
|
+AC_ARG_ENABLE(hashlib,
|
|
+ AS_HELP_STRING([--disable-hashlib], [disable hashlib]),
|
|
+ [ if test "$enableval" = "no"; then
|
|
+ DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _hashlib"
|
|
+ fi])
|
|
+
|
|
AC_ARG_ENABLE(bz2,
|
|
AS_HELP_STRING([--disable-bz2], [disable BZIP2]),
|
|
[ if test "$enableval" = "no"; then
|
|
--
|
|
2.11.0
|
|
|