NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c5a0c6f7ca
kumquat-buildroot/package/python3/0016-Add-option-to-disable-the-sqlite3-module.patch
Adam Duskett 0012baabfc package/python3: security bump version to 3.7.3 
Also remove upstream patch 0033.

Fixes the following security issues:

- bpo-36216: Changes urlsplit() to raise ValueError when the URL contains
  characters that decompose under IDNA encoding (NFKC-normalization) into
  characters that affect how the URL is parsed.

- bpo-35746: [CVE-2019-5010] Fix a NULL pointer deref in ssl module.  The
  cert parser did not handle CRL distribution points with empty DP or URI
  correctly.  A malicious or buggy certificate can result into segfault.
  Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of
  Cisco.

- bpo-35121: Don’t send cookies of domain A without Domain attribute to
  domain B when domain A is a suffix match of domain B while using a
  cookiejar with http.cookiejar.DefaultCookiePolicy policy.  Patch by
  Karthikeyan Singaravelan.

For more details, see the changelog:
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-3-final

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6afc83b60f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-04-24 15:51:47 +02:00

70 lines
1.9 KiB
Diff
Raw Blame History

From f2965dfb1aa4f6b3216f3bb1d20f99326f127079 Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Date: Wed, 22 Feb 2017 17:20:45 -0800
Subject: [PATCH] Add option to disable the sqlite3 module
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
[ Andrey Smirnov: ported to Python 3.6 ]
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
---
Makefile.pre.in | 7 +++++--
configure.ac | 9 +++++++++
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/Makefile.pre.in b/Makefile.pre.in
index 931cc3ed07..a1ce0712cd 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -1270,7 +1270,6 @@ LIBSUBDIRS= tkinter site-packages \
email email/mime \
ensurepip ensurepip/_bundled \
html json http dbm xmlrpc \
- sqlite3 \
logging csv wsgiref urllib \
ctypes ctypes/macholib \
idlelib idlelib/Icons \
@@ -1340,7 +1339,6 @@ TESTSUBDIRS= tkinter/test tkinter/test/test_tkinter \
test/test_asyncio \
test/test_email test/test_email/data \
test/test_json \
- sqlite3/test \
ctypes/test \
idlelib/idle_test \
distutils/tests \
@@ -1356,6 +1354,11 @@ TESTSUBDIRS += lib2to3/tests \
lib2to3/tests/data/fixers/myfixes
endif
+ifeq (@SQLITE3@,yes)
+LIBSUBDIRS += sqlite3
+TESTSUBDIRS += sqlite3/test
+endif
+
ifeq (@TEST_MODULES@,yes)
LIBSUBDIRS += $(TESTSUBDIRS)
endif
diff --git a/configure.ac b/configure.ac
index 13b2edf8b7..d7582cfea4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3226,6 +3226,15 @@ if test "$posix_threads" = "yes"; then
AC_CHECK_FUNCS(pthread_getcpuclockid)
fi
+AC_SUBST(SQLITE3)
+AC_ARG_ENABLE(sqlite3,
+ AS_HELP_STRING([--disable-sqlite3], [disable sqlite3]),
+ [ SQLITE3="${enableval}" ], [ SQLITE3=yes ])
+
+if test "$SQLITE3" = "no" ; then
+ DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _sqlite3"
+fi
+
AC_SUBST(PYDOC)
AC_ARG_ENABLE(pydoc,
--
2.13.5
Reference in New Issue View Git Blame Copy Permalink