From 26ea0e09f360bd226d8ba765cbf621c0ca8dd809 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 30 Sep 2019 11:39:29 -0500 Subject: system/python3: patch CVE-2019-16056 (#197) --- system/python3/APKBUILD | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'system/python3/APKBUILD') diff --git a/system/python3/APKBUILD b/system/python3/APKBUILD index 250f259b6..4fefa4e22 100644 --- a/system/python3/APKBUILD +++ b/system/python3/APKBUILD @@ -3,7 +3,7 @@ pkgname=python3 pkgver=3.6.9 _basever="${pkgver%.*}" -pkgrel=0 +pkgrel=1 pkgdesc="A high-level scripting language" url="https://www.python.org" arch="all" @@ -40,6 +40,7 @@ makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev xz-dev source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz musl-find_library.patch fix-xattrs-glibc.patch + CVE-2019-16056.patch " builddir="$srcdir/Python-$pkgver" @@ -57,6 +58,8 @@ builddir="$srcdir/Python-$pkgver" # - CVE-2018-20852 # - CVE-2019-5010 # - CVE-2019-9948 +# 3.6.9-r1: +# - CVE-2019-16056 prepare() { default_prepare @@ -184,4 +187,5 @@ wininst() { sha512sums="05de9c6f44d96a52bfce10ede4312de892573edaf8bece65926d19973a3a800d65eed7a857af945f69efcfb25efa3788e7a54016b03d80b611eb51c3ea074819 Python-3.6.9.tar.xz ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch -37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch" +37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch +1f1eb61355eb7832bef8e9c3915895cc3b2966a30c809371430b4416260452cd39c48ba593b2259574867bd1e8fea98efbc45c4b0bd95aeb0690c8514b380ea0 CVE-2019-16056.patch" -- cgit v1.2.3-70-g09d2