#55 Security fix for CVE-2018-14647 (#1631822)
Closed 5 years ago by churchyard. Opened 5 years ago by churchyard.
rpms/ churchyard/python3 310  into  master

@@ -0,0 +1,84 @@ 

+ From 5f610ec2043aa6b52cb6a6b5e436df091a4f2d91 Mon Sep 17 00:00:00 2001

+ From: Christian Heimes <christian@python.org>

+ Date: Tue, 18 Sep 2018 14:38:58 +0200

+ Subject: [PATCH] bpo-34623: Use XML_SetHashSalt in _elementtree (GH-9146)

+ 

+ The C accelerated _elementtree module now initializes hash randomization

+ salt from _Py_HashSecret instead of libexpat's default CPRNG.

+ 

+ Signed-off-by: Christian Heimes <christian@python.org>

+ 

+ https://bugs.python.org/issue34623

+ (cherry picked from commit cb5778f00ce48631c7140f33ba242496aaf7102b)

+ 

+ Co-authored-by: Christian Heimes <christian@python.org>

+ ---

+  Include/pyexpat.h                                            | 4 +++-

+  .../next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst   | 2 ++

+  Modules/_elementtree.c                                       | 5 +++++

+  Modules/pyexpat.c                                            | 5 +++++

+  4 files changed, 15 insertions(+), 1 deletion(-)

+  create mode 100644 Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst

+ 

+ diff --git a/Include/pyexpat.h b/Include/pyexpat.h

+ index 44259bf6d716..07020b5dc964 100644

+ --- a/Include/pyexpat.h

+ +++ b/Include/pyexpat.h

+ @@ -3,7 +3,7 @@

+  

+  /* note: you must import expat.h before importing this module! */

+  

+ -#define PyExpat_CAPI_MAGIC  "pyexpat.expat_CAPI 1.0"

+ +#define PyExpat_CAPI_MAGIC  "pyexpat.expat_CAPI 1.1"

+  #define PyExpat_CAPSULE_NAME "pyexpat.expat_CAPI"

+  

+  struct PyExpat_CAPI

+ @@ -48,6 +48,8 @@ struct PyExpat_CAPI

+      enum XML_Status (*SetEncoding)(XML_Parser parser, const XML_Char *encoding);

+      int (*DefaultUnknownEncodingHandler)(

+          void *encodingHandlerData, const XML_Char *name, XML_Encoding *info);

+ +    /* might be none for expat < 2.1.0 */

+ +    int (*SetHashSalt)(XML_Parser parser, unsigned long hash_salt);

+      /* always add new stuff to the end! */

+  };

+  

+ diff --git a/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst b/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst

+ new file mode 100644

+ index 000000000000..31ad92ef8582

+ --- /dev/null

+ +++ b/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst

+ @@ -0,0 +1,2 @@

+ +The C accelerated _elementtree module now initializes hash randomization

+ +salt from _Py_HashSecret instead of libexpat's default CSPRNG.

+ diff --git a/Modules/_elementtree.c b/Modules/_elementtree.c

+ index 1dfdb3ce34f3..4b86f96a70d3 100644

+ --- a/Modules/_elementtree.c

+ +++ b/Modules/_elementtree.c

+ @@ -3305,6 +3305,11 @@ _elementtree_XMLParser___init___impl(XMLParserObject *self, PyObject *html,

+          PyErr_NoMemory();

+          return -1;

+      }

+ +    /* expat < 2.1.0 has no XML_SetHashSalt() */

+ +    if (EXPAT(SetHashSalt) != NULL) {

+ +        EXPAT(SetHashSalt)(self->parser,

+ +                           (unsigned long)_Py_HashSecret.expat.hashsalt);

+ +    }

+  

+      if (target) {

+          Py_INCREF(target);

+ diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c

+ index c8a01d4e088e..c52079e518f2 100644

+ --- a/Modules/pyexpat.c

+ +++ b/Modules/pyexpat.c

+ @@ -1877,6 +1877,11 @@ MODULE_INITFUNC(void)

+      capi.SetStartDoctypeDeclHandler = XML_SetStartDoctypeDeclHandler;

+      capi.SetEncoding = XML_SetEncoding;

+      capi.DefaultUnknownEncodingHandler = PyUnknownEncodingHandler;

+ +#if XML_COMBINED_VERSION >= 20100

+ +    capi.SetHashSalt = XML_SetHashSalt;

+ +#else

+ +    capi.SetHashSalt = NULL;

+ +#endif

+  

+      /* export using capsule */

+      capi_object = PyCapsule_New(&capi, PyExpat_CAPSULE_NAME, NULL);
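Review bot: The new call in `_elementtree_XMLParser___init___impl` discards the return value of `EXPAT(SetHashSalt)` and does not say what happens when `_Py_HashSecret.expat.hashsalt` is zero. As far as I know libexpat treats a salt of 0 as "not set" and generates its own at parse start, so with hash randomization disabled (where the secret is presumably all zeros) the call changes nothing; that is worth stating next to it, e.g. `/* expat < 2.1.0 has no XML_SetHashSalt(); a salt of 0 is treated by expat as unset */`. The `(unsigned long)` cast may also narrow the salt on platforms where `unsigned long` is smaller than the field's type, which cannot be checked from this hunk. In `Include/pyexpat.h` the comment `/* might be none for expat < 2.1.0 */` would be more precise as `/* NULL when built against expat < 2.1.0 */`. The function body starts and ends outside the hunk.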

file modified
+12 -1
@@ -14,7 +14,7 @@ 

  #  WARNING  When rebasing to a new Python version,

  #           remember to update the python3-docs package as well

  Version: %{pybasever}.0

- Release: 9%{?dist}

+ Release: 10%{?dist}

  License: Python

  

  
@@ -320,6 +320,13 @@ 

  # See: https://bugzilla.redhat.com/show_bug.cgi?id=1609291

  Patch308: 00308-tls-1.3.patch

  

+ # 00310 #

+ # CVE-2018-14647

+ # Use XML_SetHashSalt in _elementtree

+ # rhbz#1631822

+ # Fixed upstream https://bugs.python.org/issue34623

+ Patch310: 00310-use-xml-sethashsalt-in-elementtree.patch

+ 

  # (New patches go here ^^^)

  #

  # When adding new patches to "python" and "python3" in Fedora, EL, etc.,
@@ -652,6 +659,7 @@ 

  %patch291 -p1

  %patch307 -p1

  %patch308 -p1

+ %patch310 -p1

  

  

  # Remove files that should be generated by the build
@@ -1553,6 +1561,9 @@ 

  # ======================================================

  

  %changelog

+ * Mon Sep 24 2018 Miro Hrončok <mhroncok@redhat.com> - 3.7.0-10

+ - Security fix for CVE-2018-14647 (#1631822)

+ 

  * Thu Aug 30 2018 Miro Hrončok <mhroncok@redhat.com> - 3.7.0-9

  - Require python3-setuptools from python3-devel to prevent packaging errors (#1623914)

  

no initial comment

@cstratak Proposal: skip the test_gdb test for now so we can ship a security fix, deal with that later.

We could do that, however those fixes will be included with the 3.7.1 release, which will be out in a few days (2018-10-04). Wouldn't it be better to wait 1 week to get everything there?

Pull-Request has been closed by churchyard

5 years ago