NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd69af5e24
kumquat-buildroot/package/python
History
Peter Korsgaard e941599f69 package/python: add upstream security fix for CVE-2019-9740 
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib
in Python 3.x through 3.7.3.  CRLF injection is possible if the attacker
controls a url parameter, as demonstrated by the first argument to
urllib.request.urlopen with \r\n (specifically in the query string after a ?
character) followed by an HTTP header or a Redis command.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-08-28 15:04:22 +02:00
..
0001-setup.py-do-not-add-invalid-header-locations.patch
0002-Fix-get_python_inc-for-cross-compilation.patch
0003-Change-the-install-location-of-_sysconfigdata.py.patch
0004-Make-the-compilation-of-.pyc-and-.pyo-conditional.patch
0005-Adjust-getaddrinfo-test-for-cross-compilation.patch
0006-Add-minimal-infrastructure-to-be-able-to-disable-ext.patch
0007-Adjust-library-header-paths-for-cross-compilation.patch
0008-Don-t-look-in-usr-lib-termcap-for-libraries.patch
0009-Fix-python-config-for-cross-builds.patch
0010-Remove-the-python-symlink-install-rules.patch
0011-Don-t-add-multiarch-paths.patch
0012-Abort-on-failed-module-build.patch
0013-sqlite3-fix-build-when-threads-are-not-used-availabl.patch
0014-Serial-ioctl-workaround.patch
0015-Do-not-adjust-the-shebang-of-Python-scripts-for-cros.patch
0016-Add-an-option-to-disable-installation-of-test-module.patch
0017-Add-an-option-to-disable-pydoc.patch
0018-Add-an-option-to-disable-lib2to3.patch
0019-Add-option-to-disable-the-sqlite3-module.patch
0020-Add-an-option-to-disable-the-tk-module.patch
0021-Add-an-option-to-disable-the-curses-module.patch
0022-Add-an-option-to-disable-expat.patch
0023-Add-an-option-to-disable-CJK-codecs.patch
0024-Add-an-option-to-disable-NIS.patch
0025-Add-an-option-to-disable-unicodedata.patch
0026-Add-an-option-to-disable-bsddb.patch
0027-Add-an-option-to-disable-the-ssl-module.patch
0028-Add-an-option-to-disable-the-bz2-module.patch
0029-Add-an-option-to-disable-the-zlib-module.patch
0030-Do-not-install-the-idle-editor.patch
0031-Add-an-option-to-disable-the-ossaudiodev-module.patch
0032-Add-option-to-disable-the-hashlib-module.patch
0033-Add-an-option-to-disable-readline-module.patch
0034-Override-system-locale-and-set-to-default-when-addin.patch
0035-bpo-35907-CVE-2019-9948-urllib-rejects-local_file-sc.patch
0036-bpo-36216-Add-check-for-characters-in-netloc-that-no.patch
0037-3.7-bpo-36216-Only-print-test-messages-when-verbose-.patch
0038-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch
0039-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch
0040-2.7-bpo-36742-Fix-urlparse.urlsplit-error-message-fo.patch
0041-bpo-30458-Disallow-control-chars-in-http-URLs-GH-127.patch
Config.in
python.hash
python.mk