b7b11d7e94
Rebased two patches. Changelog: https://docs.python.org/release/3.11.4/whatsnew/changelog.html#python-3-11-4 Fixes the following security problems: - gh-99889: Fixed a security in flaw in uu.decode() that could allow for directory traversal based on the input if no out_file was specified. - gh-104049: Do not expose the local on-disk location in directory indexes produced by http.client.SimpleHTTPRequestHandler. - gh-102153: urllib.parse.urlsplit() now strips leading C0 control and space characters following the specification for URLs defined by WHATWG in response to CVE-2023-24329. Patch by Illia Volochii. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
123 lines
4.2 KiB
Diff
123 lines
4.2 KiB
Diff
From 0e4f0a525ea0a68f6d4c5349c301da2e9b0c8ac9 Mon Sep 17 00:00:00 2001
|
|
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Date: Wed, 22 Feb 2017 17:15:31 -0800
|
|
Subject: [PATCH] Add an option to disable lib2to3
|
|
|
|
lib2to3 is a library to convert Python 2.x code to Python 3.x. As
|
|
such, it is probably not very useful on embedded system targets.
|
|
|
|
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
|
|
[ Andrey Smirnov: ported to Python 3.6 ]
|
|
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
|
|
[ Adam Duskett: ported to Python 3.10.0 ]
|
|
Signed-off-by: Adam Duskett <aduskett@gmail.com>
|
|
[ Bernd Kuhls: ported to Python 3.11.4]
|
|
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
|
|
---
|
|
Makefile.pre.in | 17 ++++++++++++-----
|
|
configure.ac | 6 ++++++
|
|
setup.py | 6 +++---
|
|
3 files changed, 21 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/Makefile.pre.in b/Makefile.pre.in
|
|
index 403380e181..f5d0573067 100644
|
|
--- a/Makefile.pre.in
|
|
+++ b/Makefile.pre.in
|
|
@@ -1868,7 +1868,9 @@ ifeq (@PYDOC@,yes)
|
|
(cd $(DESTDIR)$(BINDIR); $(LN) -s pydoc$(VERSION) pydoc3)
|
|
endif
|
|
-rm -f $(DESTDIR)$(BINDIR)/2to3
|
|
+ifeq (@LIB2TO3@,yes)
|
|
(cd $(DESTDIR)$(BINDIR); $(LN) -s 2to3-$(VERSION) 2to3)
|
|
+endif
|
|
if test "x$(LIPO_32BIT_FLAGS)" != "x" ; then \
|
|
rm -f $(DESTDIR)$(BINDIR)/python3-32$(EXE); \
|
|
(cd $(DESTDIR)$(BINDIR); $(LN) -s python$(VERSION)-32$(EXE) python3-32$(EXE)) \
|
|
@@ -1914,7 +1916,6 @@ LIBSUBDIRS= asyncio \
|
|
idlelib idlelib/Icons \
|
|
importlib importlib/resources importlib/metadata \
|
|
json \
|
|
- lib2to3 lib2to3/fixes lib2to3/pgen2 \
|
|
logging \
|
|
multiprocessing multiprocessing/dummy \
|
|
re \
|
|
@@ -1934,10 +1935,6 @@ LIBSUBDIRS= asyncio \
|
|
TESTSUBDIRS= ctypes/test \
|
|
distutils/tests \
|
|
idlelib/idle_test \
|
|
- lib2to3/tests \
|
|
- lib2to3/tests/data \
|
|
- lib2to3/tests/data/fixers \
|
|
- lib2to3/tests/data/fixers/myfixes \
|
|
test \
|
|
test/audiodata \
|
|
test/capath \
|
|
@@ -2013,6 +2010,14 @@ ifeq (@PYDOC@,yes)
|
|
LIBSUBDIRS += pydoc_data
|
|
endif
|
|
|
|
+ifeq (@LIB2TO3@,yes)
|
|
+LIBSUBDIRS += lib2to3 lib2to3/fixes lib2to3/pgen2
|
|
+TESTSUBDIRS += lib2to3/tests \
|
|
+ lib2to3/tests/data \
|
|
+ lib2to3/tests/data/fixers \
|
|
+ lib2to3/tests/data/fixers/myfixes
|
|
+endif
|
|
+
|
|
TEST_MODULES=@TEST_MODULES@
|
|
libinstall: all $(srcdir)/Modules/xxmodule.c
|
|
@for i in $(SCRIPTDIR) $(LIBDEST); \
|
|
@@ -2115,10 +2120,12 @@ ifeq (@PYC_BUILD@,yes)
|
|
-j0 -d $(LIBDEST)/site-packages -f \
|
|
-x badsyntax $(DESTDIR)$(LIBDEST)/site-packages
|
|
endif
|
|
+ifeq (@LIB2TO3@,yes)
|
|
-PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
|
|
$(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/Grammar.txt
|
|
-PYTHONPATH=$(DESTDIR)$(LIBDEST) $(RUNSHARED) \
|
|
$(PYTHON_FOR_BUILD) -m lib2to3.pgen2.driver $(DESTDIR)$(LIBDEST)/lib2to3/PatternGrammar.txt
|
|
+endif
|
|
|
|
# bpo-21536: Misc/python-config.sh is generated in the build directory
|
|
# from $(srcdir)Misc/python-config.sh.in.
|
|
diff --git a/configure.ac b/configure.ac
|
|
index f68ea72321..d8e10cf2b2 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -7078,6 +7078,12 @@ PY_STDLIB_MOD([xxlimited_35], [test "$with_trace_refs" = "no"], [test "$ac_cv_fu
|
|
# substitute multiline block, must come after last PY_STDLIB_MOD()
|
|
AC_SUBST([MODULE_BLOCK])
|
|
|
|
+AC_SUBST(LIB2TO3)
|
|
+
|
|
+AC_ARG_ENABLE(lib2to3,
|
|
+ AS_HELP_STRING([--disable-lib2to3], [disable lib2to3]),
|
|
+ [ LIB2TO3="${enableval}" ], [ LIB2TO3=yes ])
|
|
+
|
|
# generate output files
|
|
AC_CONFIG_FILES(Makefile.pre Misc/python.pc Misc/python-embed.pc Misc/python-config.sh)
|
|
AC_CONFIG_FILES([Modules/Setup.bootstrap Modules/Setup.stdlib])
|
|
diff --git a/setup.py b/setup.py
|
|
index 3e55f5b2e0..c490b0b08f 100644
|
|
--- a/setup.py
|
|
+++ b/setup.py
|
|
@@ -1594,11 +1594,11 @@ class DummyProcess:
|
|
import warnings
|
|
warnings.filterwarnings("ignore",category=DeprecationWarning)
|
|
|
|
- scripts = ['Tools/scripts/idle3', 'Tools/scripts/2to3',
|
|
- 'Lib/smtpd.py']
|
|
+ scripts = ['Tools/scripts/idle3', 'Lib/smtpd.py']
|
|
if not '--disable-pydoc' in sysconfig.get_config_var("CONFIG_ARGS"):
|
|
scripts += [ 'Tools/scripts/pydoc3' ]
|
|
-
|
|
+ if not '--disable-lib2to3' in sysconfig.get_config_var("CONFIG_ARGS"):
|
|
+ scripts += [ 'Tools/scripts/2to3' ]
|
|
setup(# PyPI Metadata (PEP 301)
|
|
name = "Python",
|
|
version = sys.version.split()[0],
|
|
--
|
|
2.34.1
|
|
|