| |
@@ -126,7 +126,7 @@
|
| |
Summary: Version 3.4 of the Python programming language
|
| |
Name: python%{pyshortver}
|
| |
Version: %{pybasever}.7
|
| |
- Release: 1%{?dist}
|
| |
+ Release: 2%{?dist}
|
| |
License: Python
|
| |
Group: Development/Languages
|
| |
|
| |
@@ -500,6 +500,12 @@
|
| |
# See https://bugzilla.redhat.com/show_bug.cgi?id=1484497
|
| |
Patch273: 00273-skip-float-test.patch
|
| |
|
| |
+ # 00286 #
|
| |
+ # CVE-2017-1000158
|
| |
+ # Check & prevent integer overflow in PyString_DecodeEscape
|
| |
+ # Fixed upstream: https://bugs.python.org/issue30657
|
| |
+ Patch286: 00286-pystring-decodeescape-integer-overflow.patch
|
| |
+
|
| |
# (New patches go here ^^^)
|
| |
#
|
| |
# When adding new patches to "python" and "python3" in Fedora 17 onwards,
|
| |
@@ -653,6 +659,7 @@
|
| |
%patch203 -p1
|
| |
%patch250 -p1
|
| |
%patch273 -p1
|
| |
+ %patch286 -p1
|
| |
|
| |
# Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there
|
| |
# are many differences between 2.6 and the Python 3 library.
|
| |
@@ -1207,6 +1214,10 @@
|
| |
# ======================================================
|
| |
|
| |
%changelog
|
| |
+ * Fri Dec 08 2017 Miro Hrončok <mhroncok@redhat.com> - 3.4.7-2
|
| |
+ - Fix for CVE-2017-1000158
|
| |
+ - rhbz#1519601: https://bugzilla.redhat.com/show_bug.cgi?id=1519601
|
| |
+
|
| |
* Thu Nov 02 2017 Charalampos Stratakis <cstratak@redhat.com> - 3.4.7-1
|
| |
- Update to 3.4.7
|
| |
|
| |