From 16f14f63db7a370d3917cf9c7d7e3735b0f59855 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Wed, 17 Oct 2018 20:53:24 +0200 Subject: gnu: Python: Adjust grafts for core-updates merge. This adjust the grafts from a55ebe2e3a7b438b4eec06c594440d3a0fb06a25 and 90aeaee861845142843a0f988fa4ff016c723cdb to apply to Python 2.7.15 and 3.7.0. * gnu/packages/patches/python2-CVE-2018-1060.patch, gnu/packages/patches/python2-CVE-2018-1061.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/python.scm (python-2/fixed): Remove patches that are already present in 2.7.15. (python-3/fixed): Remove obsolete phase. --- gnu/packages/patches/python2-CVE-2018-1060.patch | 20 -------------------- gnu/packages/patches/python2-CVE-2018-1061.patch | 20 -------------------- gnu/packages/python.scm | 16 ++-------------- 3 files changed, 2 insertions(+), 54 deletions(-) delete mode 100644 gnu/packages/patches/python2-CVE-2018-1060.patch delete mode 100644 gnu/packages/patches/python2-CVE-2018-1061.patch (limited to 'gnu/packages') diff --git a/gnu/packages/patches/python2-CVE-2018-1060.patch b/gnu/packages/patches/python2-CVE-2018-1060.patch deleted file mode 100644 index 5eb7ccfbc9..0000000000 --- a/gnu/packages/patches/python2-CVE-2018-1060.patch +++ /dev/null @@ -1,20 +0,0 @@ -Fix CVE-2018-1060: -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060 - -Taken from upstream commit (sans test and NEWS): -https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 - -diff --git a/Lib/poplib.py b/Lib/poplib.py -index b91e5f72d2ca..a238510b38fc 100644 ---- a/Lib/poplib.py -+++ b/Lib/poplib.py -@@ -274,7 +274,7 @@ def rpop(self, user): - return self._shortcmd('RPOP %s' % user) - - -- timestamp = re.compile(r'\+OK.*(<[^>]+>)') -+ timestamp = re.compile(br'\+OK.[^<]*(<.*>)') - - def apop(self, user, secret): - """Authorisation - diff --git a/gnu/packages/patches/python2-CVE-2018-1061.patch b/gnu/packages/patches/python2-CVE-2018-1061.patch deleted file mode 100644 index 6caab24b4d..0000000000 --- a/gnu/packages/patches/python2-CVE-2018-1061.patch +++ /dev/null @@ -1,20 +0,0 @@ -Fix CVE-2018-1061: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061 - -Taken from upstream commit (sans test and NEWS): -https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 - -diff --git a/Lib/difflib.py b/Lib/difflib.py -index 1c6fbdbedcb7..788a92df3f89 100644 ---- a/Lib/difflib.py -+++ b/Lib/difflib.py -@@ -1103,7 +1103,7 @@ def _qformat(self, aline, bline, atags, btags): - - import re - --def IS_LINE_JUNK(line, pat=re.compile(r"\s*#?\s*$").match): -+def IS_LINE_JUNK(line, pat=re.compile(r"\s*(?:#\s*)?$").match): - r""" - Return 1 for ignorable line: iff `line` is blank or contains a single '#'. - diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 39ec96fd66..63cf440014 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -323,9 +323,7 @@ data types.") (inherit (package-source python-2)) (patches (append (origin-patches (package-source python-2)) - (search-patches "python2-CVE-2018-1060.patch" - "python2-CVE-2018-1061.patch" - "python2-CVE-2018-14647.patch" + (search-patches "python2-CVE-2018-14647.patch" "python2-CVE-2018-1000802.patch"))))))) (define-public python2-called-python @@ -419,17 +417,7 @@ data types.") (source (origin (inherit (package-source python-3)) (patches (append (origin-patches (package-source python-3)) - (search-patches "python-CVE-2018-14647.patch"))))) - (arguments - (substitute-keyword-arguments (package-arguments python-3) - ((#:phases phases) - `(modify-phases ,phases - (add-after 'unpack 'delete-broken-test - (lambda _ - ;; Delete test which fails on recent kernels: - ;; . - (delete-file "Lib/test/test_socket.py") - #t)))))))) + (search-patches "python-CVE-2018-14647.patch"))))))) ;; Current major version. (define-public python python-3) -- cgit v1.2.3