Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/lang/python/python/patches
History
Jeffery To 53838903fe python,python3: Fix CVE-2019-9948 - local_file:// allowed in urllib 
These patches address issue:
CVE-2019-9948: Unnecessary URL scheme exists to allow local_file://
reading file in urllib

Link to Python issue:
https://bugs.python.org/issue35907

Issue 35907 is still currently open, waiting for a decision for
Python 3.5; these patches for Python 2.7 and 3.7 have been merged.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2019-06-04 22:20:21 +08:00
..
001-enable-zlib.patch python: Refresh patches 2019-03-08 18:48:45 -08:00
002-do-not-add-include-dirs-when-cross-compiling.patch python: refresh patches make package/python/refresh cmd 2017-07-26 23:56:14 +03:00
003-do-not-compile-tests-at-build.patch python: update to version 2.7.15 2018-05-03 14:46:12 +03:00
004-do-not-write-bytes-codes.patch python: update to version 2.7.15 2018-05-03 14:46:12 +03:00
005-fix-bluetooth-support.patch python: Refresh patches 2019-03-08 18:48:45 -08:00
006-remove-multi-arch-and-local-paths.patch python: refresh patches make package/python/refresh cmd 2017-07-26 23:56:14 +03:00
007-distutils-do-not-adjust-path.patch python packages: move all things python under lang/python 2017-05-17 16:51:14 +03:00
008-distutils-use-python-sysroot.patch python: refresh patches make package/python/refresh cmd 2017-07-26 23:56:14 +03:00
009-do-not-use-dblib_dir-when-cross-compiling.patch python: refresh patches make package/python/refresh cmd 2017-07-26 23:56:14 +03:00
010-do-not-add-rt-lib-dirs-when-cross-compiling.patch python: refresh patches make package/python/refresh cmd 2017-07-26 23:56:14 +03:00
011-fix-ssl-build-use-have-npn.patch python: Refresh patches 2019-03-08 18:48:45 -08:00
012-add-support-source-date-epoch-pyc.patch python: update to version 2.7.15 2018-05-03 14:46:12 +03:00
013-getbuildinfo-date-time-source-date-epoch.patch python: update to version 2.7.15 2018-05-03 14:46:12 +03:00
017_lib2to3_fix_pyc_search.patch python: Refresh patches 2019-03-08 18:48:45 -08:00
019-bpo-36216-Add-check-for-characters-in-netloc-that-normalize-to-separators-GH-12216.patch python,python3: Fix CVE-2019-9636 - urlsplit missing NFKC normalization 2019-03-31 05:18:14 +08:00
020-bpo-36216-Only-print-test-messages-when-verbose-GH-12291.patch python,python3: Fix CVE-2019-9636 - urlsplit missing NFKC normalization 2019-03-31 05:18:14 +08:00
021-compileall-add-recursion-option.patch python,python3: Increase max recursion level when generating bytecode 2019-04-04 03:07:02 +08:00
022-bpo-30458-Disallow-control-chars-in-http-URLs-GH-13315.patch python,python3: Fix CVE-2019-9740 and CVE-2019-9947 2019-06-03 00:38:53 +08:00
023-bpo-35907-Avoid-file-reading-as-disallowing-the-unnecessary-URL-scheme-in-urllib-GH-11842.patch python,python3: Fix CVE-2019-9948 - local_file:// allowed in urllib 2019-06-04 22:20:21 +08:00