diff options
| author | Michael Stahl <michael.stahl@allotropia.de> | 2021-02-17 13:56:52 +0100 |
|---|---|---|
| committer | Andras Timar <andras.timar@collabora.com> | 2021-03-18 13:56:28 +0100 |
| commit | 6b55e7fc5e04cc5a48b1bd3e1c63e7dd83381b62 (patch) | |
| tree | 9832e5e8a4f20b5343ec5ca55c3e28e083df5325 | |
| parent | 590d6e151fe4dc0b0ea8ff5ffb2661efdbc28f90 (diff) | |
python3: upgrade to release 3.7.10
Fixes CVE-2021-3177 plus these less important ones:
CVE-2021-23336 CVE-2020-27619 CVE-2020-14422 CVE-2020-26116
CVE-2019-20907 CVE-2020-8492 CVE-2019-18348
Change-Id: I8e83395bd3e871eb2ed030a03827b7d261c96049
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | download.lst | 4 | ||||
| -rw-r--r-- | external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 | 59 | ||||
| -rw-r--r-- | external/python3/python-3.3.0-darwin.patch.1 | 2 |
4 files changed, 4 insertions, 63 deletions
diff --git a/configure.ac b/configure.ac index d71a127b92e5..15ad78b8b8a4 100644 --- a/configure.ac +++ b/configure.ac @@ -8941,7 +8941,7 @@ internal) SYSTEM_PYTHON= PYTHON_VERSION_MAJOR=3 PYTHON_VERSION_MINOR=7 - PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.7 + PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.10 if ! grep -q -i python.*${PYTHON_VERSION} ${SRC_ROOT}/download.lst; then AC_MSG_ERROR([PYTHON_VERSION ${PYTHON_VERSION} but no matching file in download.lst]) fi diff --git a/download.lst b/download.lst index de6bc1d8b2f6..53225f404bfe 100644 --- a/download.lst +++ b/download.lst @@ -234,8 +234,8 @@ export POPPLER_SHA256SUM := 016dde34e5f868ea98a32ca99b643325a9682281500942b7113f export POPPLER_TARBALL := poppler-21.01.0.tar.xz export POSTGRESQL_SHA256SUM := a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126 export POSTGRESQL_TARBALL := postgresql-9.2.24.tar.bz2 -export PYTHON_SHA256SUM := 06a0a9f1bf0d8cd1e4121194d666c4e28ddae4dd54346de6c343206599f02136 -export PYTHON_TARBALL := Python-3.7.7.tar.xz +export PYTHON_SHA256SUM := f8d82e7572c86ec9d55c8627aae5040124fd2203af400c383c821b980306ee6b +export PYTHON_TARBALL := Python-3.7.10.tar.xz export QRCODEGEN_SHA256SUM := fcdf9fd69fde07ae4dca2351d84271a9de8093002f733b77c70f52f1630f6e4a export QRCODEGEN_TARBALL := QR-Code-generator-1.4.0.tar.gz export QXP_SHA256SUM := e137b6b110120a52c98edd02ebdc4095ee08d0d5295a94316a981750095a945c diff --git a/external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 b/external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 deleted file mode 100644 index 489e5d0e89ee..000000000000 --- a/external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1 +++ /dev/null @@ -1,59 +0,0 @@ -From 582d188e6e3487180891f1fc457a80dec8be26a8 Mon Sep 17 00:00:00 2001 -From: Christian Heimes <christian@python.org> -Date: Mon, 24 Sep 2018 14:38:31 +0200 -Subject: [PATCH] [3.6] bpo-17239: Disable external entities in SAX parser - (GH-9217) (GH-9512) - -The SAX parser no longer processes general external entities by default -to increase security. Before, the parser created network connections -to fetch remote files or loaded local files from the file system for DTD -and entities. - -Signed-off-by: Christian Heimes <christian@python.org> - -https://bugs.python.org/issue17239. -(cherry picked from commit 17b1d5d4e36aa57a9b25a0e694affbd1ee637e45) - -Co-authored-by: Christian Heimes <christian@python.org> - - - -https://bugs.python.org/issue17239 ---- - Doc/library/xml.dom.pulldom.rst | 14 +++++ - Doc/library/xml.rst | 6 +- - Doc/library/xml.sax.rst | 8 +++ - Doc/whatsnew/3.6.rst | 18 +++++- - Lib/test/test_pulldom.py | 7 +++ - Lib/test/test_sax.py | 60 ++++++++++++++++++- - Lib/test/test_xml_etree.py | 13 ++++ - Lib/xml/sax/expatreader.py | 2 +- - .../2018-09-11-18-30-55.bpo-17239.kOpwK2.rst | 3 + - 9 files changed, 125 insertions(+), 6 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst - -diff --git a/Lib/xml/sax/expatreader.py b/Lib/xml/sax/expatreader.py -index 421358fa5b..5066ffc2fa 100644 ---- a/Lib/xml/sax/expatreader.py -+++ b/Lib/xml/sax/expatreader.py -@@ -95,7 +95,7 @@ class ExpatParser(xmlreader.IncrementalParser, xmlreader.Locator): - self._lex_handler_prop = None - self._parsing = 0 - self._entity_stack = [] -- self._external_ges = 1 -+ self._external_ges = 0 - self._interning = None - - # XMLReader methods -diff --git a/Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst b/Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst -new file mode 100644 -index 0000000000..8dd0fe8c1b ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2018-09-11-18-30-55.bpo-17239.kOpwK2.rst -@@ -0,0 +1,3 @@ -+The xml.sax and xml.dom.minidom parsers no longer processes external -+entities by default. External DTD and ENTITY declarations no longer -+load files or create network connections. --- -2.20.1 - diff --git a/external/python3/python-3.3.0-darwin.patch.1 b/external/python3/python-3.3.0-darwin.patch.1 index d5cb17e339a2..10a696aa6e93 100644 --- a/external/python3/python-3.3.0-darwin.patch.1 +++ b/external/python3/python-3.3.0-darwin.patch.1 @@ -49,7 +49,7 @@ diff -ru python3.orig/Mac/Resources/app/Info.plist.in python3/Mac/Resources/app/ - <string>Python</string> + <string>LibreOfficePython</string> <key>CFBundleGetInfoString</key> - <string>%version%, (c) 2001-2016 Python Software Foundation.</string> + <string>%version%, (c) 2001-2020 Python Software Foundation.</string> <key>CFBundleHelpBookFolder</key> diff -ru python3.orig/Mac/Resources/framework/Info.plist.in python3/Mac/Resources/framework/Info.plist.in --- python3.orig/Mac/Resources/framework/Info.plist.in 2015-07-05 18:50:07.000000000 +0200 |