FreeBSD Bugzilla – Attachment 215230 Details for
Bug 246984
lang/python* Fix CVE-2020-8492, CVE-2019-18348
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Fix CVE-2020-8492
python-CVE-2020-8492.patch (text/plain), 3.00 KB, created by
Dani I.
on 2020-06-04 15:36:56 UTC
(
hide
)
Description:
Fix CVE-2020-8492
Filename:
MIME Type:
Creator:
Dani I.
Created:
2020-06-04 15:36:56 UTC
Size:
3.00 KB
patch
obsolete
>--- lang/python36/Makefile >+++ lang/python36/Makefile >@@ -3,7 +3,7 @@ > > PORTNAME= python > PORTVERSION= ${PYTHON_PORTVERSION} >-PORTREVISION= 3 >+PORTREVISION= 4 > CATEGORIES= lang python > MASTER_SITES= PYTHON/ftp/python/${PORTVERSION} > PKGNAMESUFFIX= ${PYTHON_SUFFIX} >@@ -13,7 +13,8 @@ DIST_SUBDIR= python > # Resolve sinpi name clash with libm (IEEE-754 violation) > PATCH_SITES= https://github.com/python/cpython/commit/ > PATCHFILES= f57cd8288dbe6aba99c057f37ad6d58f8db75350.patch:-p1 \ >- f9c01a16dae8aa15d264a1937fb589e8598d1c88.patch:-p1 >+ f9c01a16dae8aa15d264a1937fb589e8598d1c88.patch:-p1 \ >+ 69cdeeb93e0830004a495ed854022425b93b3f3e.patch:-p1 > > MAINTAINER= python@FreeBSD.org > COMMENT= Interpreted object-oriented programming language >--- lang/python36/distinfo >+++ lang/python36/distinfo >@@ -1,7 +1,9 @@ >-TIMESTAMP = 1575752359 >+TIMESTAMP = 1591283258 > SHA256 (python/Python-3.6.9.tar.xz) = 5e2f5f554e3f8f7f0296f7e73d8600c4e9acbaee6b2555b83206edf5153870da > SIZE (python/Python-3.6.9.tar.xz) = 17212164 > SHA256 (python/f57cd8288dbe6aba99c057f37ad6d58f8db75350.patch) = 44340896504b297bbab06db0bb0a71ddf9f25bbe02ab3dcdfeec2772c957b69f > SIZE (python/f57cd8288dbe6aba99c057f37ad6d58f8db75350.patch) = 2542 > SHA256 (python/f9c01a16dae8aa15d264a1937fb589e8598d1c88.patch) = a5cf6ef701d6afb14417232c6723fe2c50d7bf35d87bf6b3e3bcbfa1000a38f9 > SIZE (python/f9c01a16dae8aa15d264a1937fb589e8598d1c88.patch) = 2888 >+SHA256 (python/69cdeeb93e0830004a495ed854022425b93b3f3e.patch) = e935493892358bf5a82dd6299fd9d1f0dadb28395bc1d8e0dd031fde0bf4c68c >+SIZE (python/69cdeeb93e0830004a495ed854022425b93b3f3e.patch) = 10887 >--- lang/python37/Makefile >+++ lang/python37/Makefile >@@ -3,12 +3,16 @@ > > PORTNAME= python > PORTVERSION= ${PYTHON_PORTVERSION} >+PORTREVISION= 1 > CATEGORIES= lang python > MASTER_SITES= PYTHON/ftp/python/${PORTVERSION} > PKGNAMESUFFIX= ${PYTHON_SUFFIX} > DISTNAME= Python-${PORTVERSION} > DIST_SUBDIR= python > >+PATCH_SITES= https://github.com/python/cpython/commit/ >+PATCHFILES= b57a73694e26e8b2391731b5ee0b1be59437388e.patch:-p1 >+ > MAINTAINER= python@FreeBSD.org > COMMENT= Interpreted object-oriented programming language > >--- lang/python37/distinfo >+++ lang/python37/distinfo >@@ -1,3 +1,5 @@ >-TIMESTAMP = 1583986224 >+TIMESTAMP = 1591283258 > SHA256 (python/Python-3.7.7.tar.xz) = 06a0a9f1bf0d8cd1e4121194d666c4e28ddae4dd54346de6c343206599f02136 > SIZE (python/Python-3.7.7.tar.xz) = 17268888 >+SHA256 (python/b57a73694e26e8b2391731b5ee0b1be59437388e.patch) = c0600667e20d931a6c03d109b6be2bda3eac3923db0ff39e090dc7727c5e45ac >+SIZE (python/b57a73694e26e8b2391731b5ee0b1be59437388e.patch) = 10979 >--- security/vuxml/vuln.xml >+++ security/vuxml/vuln.xml >@@ -2041,11 +2041,11 @@ If successful, a malicious third party could trigger either a crash of VLC or an > </package> > <package> > <name>python37</name> >- <range><lt>3.7.7</lt></range> >+ <range><lt>3.7.7_1</lt></range> > </package> > <package> > <name>python36</name> >- <range><lt>3.6.11</lt></range> >+ <range><lt>3.6.9_4</lt></range> > </package> > <package> > <name>python35</name>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=215230">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 246984
:
215230
|
215304