Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/lang/python/python3/patches
History
Jeffery To a3be5cfa92 python,python3: Fix CVE-2019-16056, CVE-2019-16935 
These patches address issues:
CVE-2019-16056: email.utils.parseaddr mistakenly parse an email
CVE-2019-16935: A reflected XSS in python/Lib/DocXMLRPCServer.py (for
Python 2.7)

CVE-2019-16935 was fixed for python3 in #10109

Links to Python issues:
https://bugs.python.org/issue34155
https://bugs.python.org/issue38243

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2019-10-04 23:54:46 +08:00
..
001-enable-zlib.patch python3: Fix compilation with deprecated OpenSSL APIs 2019-03-11 15:08:09 -07:00
003-do-not-run-distutils-tests.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
004-do-not-write-bytes-codes.patch python3: update to python 3.7.0 2018-07-11 06:34:54 +02:00
006-remove-multi-arch-and-local-paths.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
007-distutils-do-not-adjust-path.patch python3: refresh patches make package/python3/refresh cmd 2017-07-26 23:56:51 +03:00
008-distutils-use-python-sysroot.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
010-do-not-add-rt-lib-dirs-when-cross-compiling.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
013-getbuildinfo-date-time-source-date-epoch.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
014-remove-platform-so-suffix.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
015-abort-on-failed-modules.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
016-adjust-config-paths.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
017_lib2to3_fix_pyc_search.patch python3: Update to version 3.7.4 2019-07-10 10:11:50 +02:00
024-musl-find_library.patch python,python3: Fix ctypes.util.find_library() 2019-07-22 04:42:54 +08:00
025-bpo-37461-Fix-infinite-loop-in-parsing-of-specially-.patch python3: backport three security patches 2019-09-29 23:18:29 +02:00
026-3.7-bpo-37764-Fix-infinite-loop-when-parsing-unstruc.patch python3: backport three security patches 2019-09-29 23:18:29 +02:00
027-bpo-38243-xmlrpc.server-Escape-the-server_title-GH-1.patch python3: backport three security patches 2019-09-29 23:18:29 +02:00
028-bpo-34155-Dont-parse-domains-containing-GH-13079.patch python,python3: Fix CVE-2019-16056, CVE-2019-16935 2019-10-04 23:54:46 +08:00