From 104735ad1e0c9c62fafe96a77ef1c042aa3e3bc1 Mon Sep 17 00:00:00 2001
From: Tomas Orsava
Date: Jun 20 2016 09:33:55 +0000
Subject: Fix for: CVE-2016-0772 python: smtplib StartTLS stripping attack (rhbz#1303647)
Raise an error when STARTTLS fails.
- rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
- rhbz#1346345: https://bugzilla.redhat.com/show_bug.cgi?id=1346345
- Fixed upstream: https://hg.python.org/cpython/rev/d590114c2394
---
diff --git a/00210-Raise-an-error-when-STARTTLS-fails.patch b/00210-Raise-an-error-when-STARTTLS-fails.patch
new file mode 100644
index 0000000..9083e61
--- /dev/null
+++ b/00210-Raise-an-error-when-STARTTLS-fails.patch
@@ -0,0 +1,35 @@
+From 761db274ca898f8a92348ed5979d3d3c1b0d634a Mon Sep 17 00:00:00 2001
+From: Tomas Orsava
+Date: Fri, 17 Jun 2016 16:08:11 +0200
+Subject: [PATCH] Raise an error when STARTTLS fails
+
+CVE-2016-0772 python: smtplib StartTLS stripping attack
+rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
+rhbz#1346345: https://bugzilla.redhat.com/show_bug.cgi?id=1346345
+
+Based on an upstream change by Benjamin Peterson
+- in changeset 101887:d590114c2394 3.4
+- https://hg.python.org/cpython/rev/d590114c2394
+---
+ Lib/smtplib.py | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/Lib/smtplib.py b/Lib/smtplib.py
+index 4756973..dfbf5f9 100755
+--- a/Lib/smtplib.py
++++ b/Lib/smtplib.py
+@@ -773,6 +773,11 @@ class SMTP:
+ self.ehlo_resp = None
+ self.esmtp_features = {}
+ self.does_esmtp = 0
++ else:
++ # RFC 3207:
++ # 501 Syntax error (no parameters allowed)
++ # 454 TLS not available due to temporary reason
++ raise SMTPResponseException(resp, reply)
+ return (resp, reply)
+
+ def sendmail(self, from_addr, to_addrs, msg, mail_options=[],
+--
+2.5.5
+
diff --git a/python3.spec b/python3.spec
index 5c84fad..3a72d54 100644
--- a/python3.spec
+++ b/python3.spec
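Review bot: The new `else:` branch changes the contract of `starttls` for every caller: a non-220 reply to STARTTLS now raises `SMTPResponseException` instead of being handed back through the `return (resp, reply)` context line, yet neither the patch nor the `starttls` docstring (the method begins and ends outside this hunk, and the `if resp == 220:` that the `else:` pairs with is outside it too, so that pairing is inferred) records the new failure mode. I would add to the docstring a line such as `Raises SMTPResponseException if the server's reply to STARTTLS is not 220, so a session that was never upgraded to TLS is not returned as if it had been.` and call the behaviour change out in the patch description. The backport also carries no test for the refused path; a stub server answering 454 or 501 should be checked to raise rather than return. The RFC 3207 comment is helpful as it stands.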
@@ -140,7 +140,7 @@ Summary: Version 3 of the Python programming language aka Python 3000
 Name: python3
 Version: %{pybasever}.3
-Release: 7%{?dist}
+Release: 8%{?dist}
 License: Python
 Group: Development/Languages
@@ -736,6 +736,13 @@ Patch204: 00204-increase-dh-keys-size.patch
 # FIXED UPSTREAM
 Patch209: 00209-prevent-buffer-overflow-in-zipimport-module.patch
+# 00210 #
+# CVE-2016-0772 python: smtplib StartTLS stripping attack
+# rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
+# rhbz#1346345: https://bugzilla.redhat.com/show_bug.cgi?id=1346345
+# FIXED UPSTREAM: https://hg.python.org/cpython/rev/d590114c2394
+# Raise an error when STARTTLS fails
+Patch210: 00210-Raise-an-error-when-STARTTLS-fails.patch
 # (New patches go here ^^^)
 #
@@ -1029,6 +1036,7 @@ sed -r -i s/'_PIP_VERSION = "[0-9.]+"'/'_PIP_VERSION = "%{pip_version}"'/ Lib/en
 %patch204 -p1
 %patch209 -p1
+%patch210 -p1
 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there
 # are many differences between 2.6 and the Python 3 library.
@@ -1923,6 +1931,13 @@ rm -fr %{buildroot}
 # ======================================================
 %changelog
+* Thu Jun 16 2016 Tomas Orsava - 3.4.3-8
+- Fix for: CVE-2016-0772 python: smtplib StartTLS stripping attack
+- Raise an error when STARTTLS fails
+- rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
+- rhbz#1346345: https://bugzilla.redhat.com/show_bug.cgi?id=1346345
+- Fixed upstream: https://hg.python.org/cpython/rev/d590114c2394
+
 * Mon Jun 13 2016 Charalampos Stratakis - 3.4.3-7
 - Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data()