mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-11-08 16:06:16 -05:00
a55ebe2e3a
This addresses CVE-2018-{1060,1061,14647,1000802}.
* gnu/packages/patches/python2-CVE-2018-1000802.patch,
gnu/packages/patches/python2-CVE-2018-1060.patch,
gnu/packages/patches/python2-CVE-2018-1061.patch,
gnu/packages/patches/python2-CVE-2018-14647.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/python.scm (python-2/fixed): New variable.
(python-2.7)[replacement]: New field.
(python2-minimal): Use PACKAGE/INHERIT.
20 lines
643 B
Diff
20 lines
643 B
Diff
Fix CVE-2018-1061:
|
|
|
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
|
|
|
|
Taken from upstream commit (sans test and NEWS):
|
|
https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2
|
|
|
|
diff --git a/Lib/difflib.py b/Lib/difflib.py
|
|
index 1c6fbdbedcb7..788a92df3f89 100644
|
|
--- a/Lib/difflib.py
|
|
+++ b/Lib/difflib.py
|
|
@@ -1103,7 +1103,7 @@ def _qformat(self, aline, bline, atags, btags):
|
|
|
|
import re
|
|
|
|
-def IS_LINE_JUNK(line, pat=re.compile(r"\s*#?\s*$").match):
|
|
+def IS_LINE_JUNK(line, pat=re.compile(r"\s*(?:#\s*)?$").match):
|
|
r"""
|
|
Return 1 for ignorable line: iff `line` is blank or contains a single '#'.
|
|
|