diff --git a/.gitignore b/.gitignore index eef1bc3..ec41e6d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /Python-3.4.3.tar.xz +/Python-3.4.5.tar.xz diff --git a/00202-fix-undefined-behaviour-in-faulthandler.patch b/00202-fix-undefined-behaviour-in-faulthandler.patch deleted file mode 100644 index b333e15..0000000 --- a/00202-fix-undefined-behaviour-in-faulthandler.patch +++ /dev/null @@ -1,41 +0,0 @@ - -# HG changeset patch -# User Victor Stinner -# Date 1423661015 -3600 -# Node ID 689092296ad31951f8f919fc06b49450e648e93d -# Parent 645f3d750be139ce0198e15e221da07b22289a92 -Issue #23433: Fix faulthandler._stack_overflow() - -Fix undefined behaviour: don't compare pointers. Use Py_uintptr_t type instead -of void*. It fixes test_faulthandler on Fedora 22 which now uses GCC 5. - -diff --git a/Modules/faulthandler.c b/Modules/faulthandler.c ---- a/Modules/faulthandler.c -+++ b/Modules/faulthandler.c -@@ -911,12 +911,12 @@ faulthandler_fatal_error_py(PyObject *se - } - - #if defined(HAVE_SIGALTSTACK) && defined(HAVE_SIGACTION) --static void* --stack_overflow(void *min_sp, void *max_sp, size_t *depth) -+static Py_uintptr_t -+stack_overflow(Py_uintptr_t min_sp, Py_uintptr_t max_sp, size_t *depth) - { - /* allocate 4096 bytes on the stack at each call */ - unsigned char buffer[4096]; -- void *sp = &buffer; -+ Py_uintptr_t sp = (Py_uintptr_t)&buffer; - *depth += 1; - if (sp < min_sp || max_sp < sp) - return sp; -@@ -929,7 +929,8 @@ static PyObject * - faulthandler_stack_overflow(PyObject *self) - { - size_t depth, size; -- char *sp = (char *)&depth, *stop; -+ Py_uintptr_t sp = (Py_uintptr_t)&depth; -+ Py_uintptr_t stop; - - depth = 0; - stop = stack_overflow(sp - STACK_OVERFLOW_MAX_SIZE, - diff --git a/00204-increase-dh-keys-size.patch b/00204-increase-dh-keys-size.patch deleted file mode 100644 index e75d992..0000000 --- a/00204-increase-dh-keys-size.patch +++ /dev/null 
@@ -1,49 +0,0 @@ - -# HG changeset patch -# User Benjamin Peterson -# Date 1427947446 14400 -# Node ID 1ad7c0253abe1252128d61c3d0127d22144cb354 -# Parent 47451f6e7e7528a6647dbdc435e9a9f5c13c0080 -replace 512 bit dh key with a 2014 bit one (closes #23844) - -Patch by Cédric Krier. - -diff --git a/Lib/test/dh1024.pem b/Lib/test/dh1024.pem -new file mode 100644 ---- /dev/null -+++ b/Lib/test/dh1024.pem -@@ -0,0 +1,7 @@ -+-----BEGIN DH PARAMETERS----- -+MIGHAoGBAIbzw1s9CT8SV5yv6L7esdAdZYZjPi3qWFs61CYTFFQnf2s/d09NYaJt -+rrvJhIzWavqnue71qXCf83/J3nz3FEwUU/L0mGyheVbsSHiI64wUo3u50wK5Igo0 -+RNs/LD0irs7m0icZ//hijafTU+JOBiuA8zMI+oZfU7BGuc9XrUprAgEC -+-----END DH PARAMETERS----- -+ -+Generated with: openssl dhparam -out dh1024.pem 1024 -diff --git a/Lib/test/dh512.pem b/Lib/test/dh512.pem -deleted file mode 100644 ---- a/Lib/test/dh512.pem -+++ /dev/null -@@ -1,9 +0,0 @@ -------BEGIN DH PARAMETERS----- --MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak --XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC -------END DH PARAMETERS----- -- --These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols" --(http://www.skip-vpn.org/spec/numbers.html). --See there for how they were generated. --Note that g is not a generator, but this is not a problem since p is a safe prime. -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -64,7 +64,7 @@ BADKEY = data_file("badkey.pem") - NOKIACERT = data_file("nokia.pem") - NULLBYTECERT = data_file("nullbytecert.pem") - --DHFILE = data_file("dh512.pem") -+DHFILE = data_file("dh1024.pem") - BYTES_DHFILE = os.fsencode(DHFILE) - - - diff --git a/00237-CVE-2016-0772-smtplib.patch b/00237-CVE-2016-0772-smtplib.patch deleted file mode 100644 index d3213bd..0000000 --- a/00237-CVE-2016-0772-smtplib.patch +++ /dev/null 
@@ -1,34 +0,0 @@ -From 5b67aca6fb4246e84981d6361ba218bd52e73ac2 Mon Sep 17 00:00:00 2001 -From: Tomas Orsava -Date: Tue, 21 Jun 2016 15:52:03 +0200 -Subject: [PATCH] Raise an error when STARTTLS fails - -CVE-2016-0772 python: smtplib StartTLS stripping attack -rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647 - -Based on an upstream change by Benjamin Peterson -- in changeset 101887:d590114c2394 3.4 -- https://hg.python.org/cpython/rev/d590114c2394 ---- - Lib/smtplib.py | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/Lib/smtplib.py b/Lib/smtplib.py -index dc16ef6..8bc806b 100755 ---- a/Lib/smtplib.py -+++ b/Lib/smtplib.py -@@ -655,6 +655,11 @@ class SMTP: - self.ehlo_resp = None - self.esmtp_features = {} - self.does_esmtp = 0 -+ else: -+ # RFC 3207: -+ # 501 Syntax error (no parameters allowed) -+ # 454 TLS not available due to temporary reason -+ raise SMTPResponseException(resp, reply) - return (resp, reply) - - def sendmail(self, from_addr, to_addrs, msg, mail_options=[], --- -2.5.5 - diff --git a/00238-CVE-2016-5699-http-client.patch b/00238-CVE-2016-5699-http-client.patch deleted file mode 100644 index c4ae1ee..0000000 --- a/00238-CVE-2016-5699-http-client.patch +++ /dev/null 
@@ -1,162 +0,0 @@ -From e30667f3442e7561e765401be048eba9b444a360 Mon Sep 17 00:00:00 2001 -From: Tomas Orsava -Date: Fri, 8 Jul 2016 12:18:50 +0200 -Subject: [PATCH] Disabled HTTP header injections in http.client. - -CVE-2016-5699 python: http protocol steam injection attack -rhbz#1303699 : https://bugzilla.redhat.com/show_bug.cgi?id=1303699 - -Based on an upstream change by Demian Brecht and Serhiy Storchaka -- in changeset 94952:bf3e1c9b80e9 3.4 -- https://hg.python.org/cpython/rev/bf3e1c9b80e9 ---- - Lib/http/client.py | 37 +++++++++++++++++++++++++++++++ - Lib/test/test_httplib.py | 57 ++++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 94 insertions(+) - -diff --git a/Lib/http/client.py b/Lib/http/client.py -index 6de4b0e..7ec5899 100644 ---- a/Lib/http/client.py -+++ b/Lib/http/client.py -@@ -70,6 +70,7 @@ import email.parser - import email.message - import io - import os -+import re - import socket - import collections - from urllib.parse import urlsplit -@@ -215,6 +216,34 @@ MAXAMOUNT = 1048576 - _MAXLINE = 65536 - _MAXHEADERS = 100 - -+# Header name/value ABNF (http://tools.ietf.org/html/rfc7230#section-3.2) -+# -+# VCHAR = %x21-7E -+# obs-text = %x80-FF -+# header-field = field-name ":" OWS field-value OWS -+# field-name = token -+# field-value = *( field-content / obs-fold ) -+# field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] -+# field-vchar = VCHAR / obs-text -+# -+# obs-fold = CRLF 1*( SP / HTAB ) -+# ; obsolete line folding -+# ; see Section 3.2.4 -+ -+# token = 1*tchar -+# -+# tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" -+# / "+" / "-" / "." 
/ "^" / "_" / "`" / "|" / "~" -+# / DIGIT / ALPHA -+# ; any VCHAR, except delimiters -+# -+# VCHAR defined in http://tools.ietf.org/html/rfc5234#appendix-B.1 -+ -+# the patterns for both name and value are more leniant than RFC -+# definitions to allow for backwards compatibility -+_is_legal_header_name = re.compile(rb'[^:\s][^:\r\n]*').fullmatch -+_is_illegal_header_value = re.compile(rb'\n(?![ \t])|\r(?![ \t\n])').search -+ - - class HTTPMessage(email.message.Message): - # XXX The only usage of this method is in -@@ -1058,12 +1087,20 @@ class HTTPConnection: - - if hasattr(header, 'encode'): - header = header.encode('ascii') -+ -+ if not _is_legal_header_name(header): -+ raise ValueError('Invalid header name %r' % (header,)) -+ - values = list(values) - for i, one_value in enumerate(values): - if hasattr(one_value, 'encode'): - values[i] = one_value.encode('latin-1') - elif isinstance(one_value, int): - values[i] = str(one_value).encode('ascii') -+ -+ if _is_illegal_header_value(values[i]): -+ raise ValueError('Invalid header value %r' % (values[i],)) -+ - value = b'\r\n\t'.join(values) - header = header + b': ' + value - self._output(header) -diff --git a/Lib/test/test_httplib.py b/Lib/test/test_httplib.py -index 3fc3466..d5037f0 100644 ---- a/Lib/test/test_httplib.py -+++ b/Lib/test/test_httplib.py -@@ -148,6 +148,33 @@ class HeaderTests(TestCase): - conn.putheader('Content-length', 42) - self.assertIn(b'Content-length: 42', conn._buffer) - -+ conn.putheader('Foo', ' bar ') -+ self.assertIn(b'Foo: bar ', conn._buffer) -+ conn.putheader('Bar', '\tbaz\t') -+ self.assertIn(b'Bar: \tbaz\t', conn._buffer) -+ conn.putheader('Authorization', 'Bearer mytoken') -+ self.assertIn(b'Authorization: Bearer mytoken', conn._buffer) -+ conn.putheader('IterHeader', 'IterA', 'IterB') -+ self.assertIn(b'IterHeader: IterA\r\n\tIterB', conn._buffer) -+ conn.putheader('LatinHeader', b'\xFF') -+ self.assertIn(b'LatinHeader: \xFF', conn._buffer) -+ conn.putheader('Utf8Header', 
b'\xc3\x80') -+ self.assertIn(b'Utf8Header: \xc3\x80', conn._buffer) -+ conn.putheader('C1-Control', b'next\x85line') -+ self.assertIn(b'C1-Control: next\x85line', conn._buffer) -+ conn.putheader('Embedded-Fold-Space', 'is\r\n allowed') -+ self.assertIn(b'Embedded-Fold-Space: is\r\n allowed', conn._buffer) -+ conn.putheader('Embedded-Fold-Tab', 'is\r\n\tallowed') -+ self.assertIn(b'Embedded-Fold-Tab: is\r\n\tallowed', conn._buffer) -+ conn.putheader('Key Space', 'value') -+ self.assertIn(b'Key Space: value', conn._buffer) -+ conn.putheader('KeySpace ', 'value') -+ self.assertIn(b'KeySpace : value', conn._buffer) -+ conn.putheader(b'Nonbreak\xa0Space', 'value') -+ self.assertIn(b'Nonbreak\xa0Space: value', conn._buffer) -+ conn.putheader(b'\xa0NonbreakSpace', 'value') -+ self.assertIn(b'\xa0NonbreakSpace: value', conn._buffer) -+ - def test_ipv6host_header(self): - # Default host header on IPv6 transaction should wrapped by [] if - # its actual IPv6 address -@@ -177,6 +204,36 @@ class HeaderTests(TestCase): - self.assertEqual(resp.getheader('First'), 'val') - self.assertEqual(resp.getheader('Second'), 'val') - -+ def test_invalid_headers(self): -+ conn = client.HTTPConnection('example.com') -+ conn.sock = FakeSocket('') -+ conn.putrequest('GET', '/') -+ -+ # http://tools.ietf.org/html/rfc7230#section-3.2.4, whitespace is no -+ # longer allowed in header names -+ cases = ( -+ (b'Invalid\r\nName', b'ValidValue'), -+ (b'Invalid\rName', b'ValidValue'), -+ (b'Invalid\nName', b'ValidValue'), -+ (b'\r\nInvalidName', b'ValidValue'), -+ (b'\rInvalidName', b'ValidValue'), -+ (b'\nInvalidName', b'ValidValue'), -+ (b' InvalidName', b'ValidValue'), -+ (b'\tInvalidName', b'ValidValue'), -+ (b'Invalid:Name', b'ValidValue'), -+ (b':InvalidName', b'ValidValue'), -+ (b'ValidName', b'Invalid\r\nValue'), -+ (b'ValidName', b'Invalid\rValue'), -+ (b'ValidName', b'Invalid\nValue'), -+ (b'ValidName', b'InvalidValue\r\n'), -+ (b'ValidName', b'InvalidValue\r'), -+ (b'ValidName', 
b'InvalidValue\n'), -+ ) -+ for name, value in cases: -+ with self.subTest((name, value)): -+ with self.assertRaisesRegex(ValueError, 'Invalid header'): -+ conn.putheader(name, value) -+ - - class BasicTest(TestCase): - def test_status_lines(self): --- -2.9.0 - diff --git a/00241-CVE-2016-5636-buffer-overflow-in-zipimport-module-fix.patch b/00241-CVE-2016-5636-buffer-overflow-in-zipimport-module-fix.patch deleted file mode 100644 index 587d6f9..0000000 --- a/00241-CVE-2016-5636-buffer-overflow-in-zipimport-module-fix.patch +++ /dev/null @@ -1,39 +0,0 @@ -From ae99040f6c1f329d6b6c984f39c920f09d383925 Mon Sep 17 00:00:00 2001 -From: Charalampos Stratakis -Date: Mon, 11 Jul 2016 11:21:29 +0200 -Subject: [PATCH] CVE-2016-5636 fix - ---- - Modules/zipimport.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/Modules/zipimport.c b/Modules/zipimport.c -index 8fe9195..f72e89f 100644 ---- a/Modules/zipimport.c -+++ b/Modules/zipimport.c -@@ -1071,6 +1071,10 @@ get_data(PyObject *archive, PyObject *toc_entry) - &date, &crc)) { - return NULL; - } -+ if (data_size < 0) { -+ PyErr_Format(ZipImportError, "negative data size"); -+ return NULL; -+ } - - fp = _Py_fopen_obj(archive, "rb"); - if (!fp) { -@@ -1111,6 +1115,11 @@ get_data(PyObject *archive, PyObject *toc_entry) - } - file_offset += l; /* Start of file data */ - -+ if (data_size > LONG_MAX - 1) { -+ fclose(fp); -+ PyErr_NoMemory(); -+ return NULL; -+ } - bytes_size = compress == 0 ? data_size : data_size + 1; - if (bytes_size == 0) - bytes_size++; --- -2.7.4 - diff --git a/python34.spec b/python34.spec index a53c911..f9f7f39 100644 --- a/python34.spec +++ b/python34.spec @@ -152,8 +152,8 @@ # ================== Summary: Version 3 of the Python programming language aka Python 3000 Name: python%{pyshortver} -Version: %{pybasever}.3 -Release: 9%{?dist} +Version: %{pybasever}.5 +Release: 1%{?dist} License: Python Group: Development/Languages 
@@ -740,42 +740,9 @@ Patch200: 00200-gettext-plural-fix.patch # Note: Backported from scl Patch201: 00201-fix-memory-leak-in-gdbm.patch -# 00202 # -# Fixes undefined behaviour in faulthandler which caused tests to hang in on x86_64 -# http://bugs.python.org/issue23433 -Patch202: 00202-fix-undefined-behaviour-in-faulthandler.patch - # test_threading fails in koji dues to it's handling of signals Patch203: 00203-disable-threading-test-koji.patch -# openssl requires DH keys to be > 768bits -Patch204: 00204-increase-dh-keys-size.patch - -# 00237 # -# CVE-2016-0772 python: smtplib StartTLS stripping attack -# https://bugzilla.redhat.com/show_bug.cgi?id=1303647 -# FIXED UPSTREAM: https://hg.python.org/cpython/rev/d590114c2394 -# Raise an error when STARTTLS fails -# Resolves: rhbz#1348973 -Patch237: 00237-CVE-2016-0772-smtplib.patch - -# 00238 # -# CVE-2016-5699 python: http protocol steam injection attack -# https://bugzilla.redhat.com/show_bug.cgi?id=1303699 -# FIXED UPSTREAM: https://hg.python.org/cpython/rev/bf3e1c9b80e9 -# Disabled HTTP header injections in http.client -# Resolves: rhbz#1348982 -Patch238: 00238-CVE-2016-5699-http-client.patch - -# 00241 # -# CVE-2016-5636: http://seclists.org/oss-sec/2016/q2/560 -# rhbz#1356365: https://bugzilla.redhat.com/show_bug.cgi?id=1356365 -# https://hg.python.org/cpython/rev/985fc64c60d6/ -# https://hg.python.org/cpython/rev/2edbdb79cd6d -# Fix possible integer overflow and heap corruption in zipimporter.get_data() -# FIXED UPSTREAM: https://bugs.python.org/issue26171 -Patch241: 00241-CVE-2016-5636-buffer-overflow-in-zipimport-module-fix.patch - # 00242 # # HTTPoxy attack (CVE-2016-1000110) # https://httpoxy.org/ @@ -1072,12 +1039,7 @@ sed -r -i s/'_PIP_VERSION = "[0-9.]+"'/'_PIP_VERSION = "%{pip_version}"'/ Lib/en %patch196 -p1 # 00197: upstream as of Python 3.4.2 # 00199: doesn't apply to RHEL 7 -%patch202 -p1 %patch203 -p1 -%patch204 -p1 -%patch237 -p1 -%patch238 -p1 -%patch241 -p1 %patch242 -p1 %patch248 -p1 
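Review bot: Dropping Patch237, Patch238 and Patch241 (the CVE-2016-0772, CVE-2016-5699 and CVE-2016-5636 backports) together with their `%patch` lines in the second hunk of this file is only correct if the upstream changesets the deleted comments cite as FIXED UPSTREAM are contained in the 3.4.5 tarball, and nothing in the commit records that check; the same applies to Patch202 and Patch204, whose comments carry no FIXED UPSTREAM reference at all. The changelog entry in the following hunk says only `- Update to 3.4.5`; I would extend it with `- Drop patches 202, 204, 237, 238, 241: fixed upstream in 3.4.5 (CVE-2016-0772, CVE-2016-5699, CVE-2016-5636)` once each has been confirmed against the 3.4.5 release notes, so the security history stays traceable from the spec alone. Patch242 (HTTPoxy, CVE-2016-1000110) is kept as context, which suggests the author did sort the patches by upstream status, but that conclusion should be written down rather than left implicit.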
@@ -2031,6 +1993,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Fri Oct 14 2016 Orion Poplawski - 3.4.5-1 +- Update to 3.4.5 + * Fri Oct 14 2016 Charalampos Stratakis - 3.4.3-9 - Ensure gc tracking is off when invoking weakref callbacks diff --git a/sources b/sources index 9900d70..f4a639a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -7d092d1bba6e17f0d9bd21b49e441dd5 Python-3.4.3.tar.xz +5caaca47eead170070a856fae5f6e78c Python-3.4.5.tar.xz