Commit b4b354c8 authored by Chris Novakovic's avatar Chris Novakovic
Browse files

main/python3: upgrade to 3.8.10

Also bump community/python3-tkinter to 3.8.10.

* Remove ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f.patch,
  CVE-2020-14422.patch and test_nntplib.patch, since they have been
  merged upstream.
* Remove obsolete configure options --disable-rpath and --enable-threads.
* Skip test_asyncio due to hanging on all architectures (this test is
  constantly being patched upstream to fix this problem).
parent c87d222c
......@@ -2,7 +2,7 @@
# Contributor: Kiyoshi Aman <kiyoshi.aman@gmail.com>
pkgname=python3-tkinter
pkgver=3.8.0
pkgver=3.8.10
_basever="${pkgver%.*}"
pkgrel=0
pkgdesc="A graphical user interface for the Python"
......@@ -53,7 +53,6 @@ build() {
./configure \
--prefix=/usr \
--disable-rpath \
--enable-ipv6 \
--enable-loadable-sqlite-extensions \
--enable-shared \
......@@ -61,8 +60,7 @@ build() {
--with-computed-gotos \
--with-dbmliborder=gdbm:ndbm \
--with-system-expat \
--with-system-ffi \
--with-threads
--with-system-ffi
# set thread stack size to 1MB so we don't segfault before we hit
# sys.getrecursionlimit()
......@@ -115,6 +113,6 @@ _idle() {
_mv_files usr/lib/python*/idlelib
}
sha512sums="5f9bfcb3acdf592770a9d5abd2c32c68c55a49b92f958ded069e3ef31cf2d415e67112b4f6738fab237dc29e5c622298719946d2e9471e7e78e3a6bdf2fac1d1 Python-3.8.0.tar.xz
sha512sums="0be69705483ff9692e12048a96180e586f9d84c8d53066629f7fb2389585eb75c0f3506bb8182936e322508f58b71f4d8c6dfebbab9049b31b49da11d3b98e80 Python-3.8.10.tar.xz
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch"
......@@ -3,9 +3,9 @@
pkgname=python3
# the python3-tkinter's pkgver needs to be synchronized with this.
pkgver=3.8.2
pkgver=3.8.10
_basever="${pkgver%.*}"
pkgrel=2
pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org/"
arch="all"
......@@ -19,9 +19,6 @@ makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev xz-dev
source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
fix-xattrs-glibc.patch
musl-find_library.patch
CVE-2020-14422.patch
ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f.patch
test_nntplib.patch
"
builddir="$srcdir/Python-$pkgver"
......@@ -57,7 +54,6 @@ build() {
./configure \
--prefix=/usr \
--disable-rpath \
--enable-ipv6 \
--enable-loadable-sqlite-extensions \
--enable-optimizations \
......@@ -66,8 +62,7 @@ build() {
--with-computed-gotos \
--with-dbmliborder=gdbm:ndbm \
--with-system-expat \
--with-system-ffi \
--with-threads
--with-system-ffi
# set thread stack size to 1MB so we don't segfault before we hit
# sys.getrecursionlimit()
......@@ -113,6 +108,7 @@ EOF
fail="$fail test_cmd_line_script" # fails on x86_64
fail="$fail test_multiprocessing_main_handling" # fails on x86_64
fail="$fail test_runpy" # fails on x86_64
fail="$fail test_asyncio" # hangs; routinely problematic (e.g. bpo-39101, bpo-41891, bpo-42183)
# kernel related
fail="$fail test_fcntl" # wants DNOTIFY, we don't have it
......@@ -164,9 +160,6 @@ wininst() {
mv "$pkgdir"/usr/lib/python$_basever/distutils/command/*.exe \
"$subpkgdir"/usr/lib/python$_basever/distutils/command
}
sha512sums="ca37ad0e7c5845f5f228566aa8ff654a8f428c7d4a5aaabff29baebb0ca3219b31ba8bb2607f89e37cf3fc564f023b8407e53a4f2c47bd99122c1cc222613e37 Python-3.8.2.tar.xz
sha512sums="0be69705483ff9692e12048a96180e586f9d84c8d53066629f7fb2389585eb75c0f3506bb8182936e322508f58b71f4d8c6dfebbab9049b31b49da11d3b98e80 Python-3.8.10.tar.xz
37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
f84922e46e39d681c0d1f95a211b81c6fba1fc3636379fa5c6b47284d693478b6afe08e07703678d9d8ce8e59295df2a705f9a0c8cb54a69a1fee6960d2ebddd CVE-2020-14422.patch
62b9b25c40e1fe2bfd068cfa056fb7a0a8d5ef1b00256a216efbaa7c36c2fc2f292e20776ccf7c43affb427232b2e6b9348845076e29f9621e48b06fc13e29e2 ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f.patch
f0b2da4937cac618c40b9e2b6e332de321cd6d292820f11a74122a6c1440f4dadc73dead6a1cf07ea54af3c4db66e0ba38af83f139f7d5f77d479c179376139d test_nntplib.patch"
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch"
From b98e7790c77a4378ec4b1c71b84138cb930b69b7 Mon Sep 17 00:00:00 2001
From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>
Date: Wed, 1 Jul 2020 00:50:21 +0530
Subject: [PATCH] [3.7] bpo-41004: Resolve hash collisions for IPv4Interface
and IPv6Interface (GH-21033) (GH-21231)
CVE-2020-14422
The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
of generating constant hash values of 32 and 128 respectively causing hash collisions.
The fix uses the hash() function to generate hash values for the objects
instead of XOR operation
(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
Signed-off-by: Tapas Kundu <tkundu@vmware.com>
---
Lib/ipaddress.py | 4 ++--
Lib/test/test_ipaddress.py | 11 +++++++++++
.../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst | 1 +
3 files changed, 14 insertions(+), 2 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
index 80249288d73ab..54882934c3dc1 100644
--- a/Lib/ipaddress.py
+++ b/Lib/ipaddress.py
@@ -1442,7 +1442,7 @@ def __lt__(self, other):
return False
def __hash__(self):
- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
__reduce__ = _IPAddressBase.__reduce__
@@ -2088,7 +2088,7 @@ def __lt__(self, other):
return False
def __hash__(self):
- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
__reduce__ = _IPAddressBase.__reduce__
diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
index 455b893fb126f..1fb6a929dc2d9 100644
--- a/Lib/test/test_ipaddress.py
+++ b/Lib/test/test_ipaddress.py
@@ -2091,6 +2091,17 @@ def testsixtofour(self):
sixtofouraddr.sixtofour)
self.assertFalse(bad_addr.sixtofour)
+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+ def testV4HashIsNotConstant(self):
+ ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
+ ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
+ self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
+
+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+ def testV6HashIsNotConstant(self):
+ ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
+ ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
+ self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
if __name__ == '__main__':
unittest.main()
diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
new file mode 100644
index 0000000000000..f5a9db52fff52
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
@@ -0,0 +1 @@
+CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
From ece5dfd403dac211f8d3c72701fe7ba7b7aa5b5f Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
<31488909+miss-islington@users.noreply.github.com>
Date: Mon, 18 Jan 2021 13:28:52 -0800
Subject: [PATCH] closes bpo-42938: Replace snprintf with Python unicode
formatting in ctypes param reprs. (GH-24248)
(cherry picked from commit 916610ef90a0d0761f08747f7b0905541f0977c7)
Co-authored-by: Benjamin Peterson <benjamin@python.org>
Co-authored-by: Benjamin Peterson <benjamin@python.org>
---
Lib/ctypes/test/test_parameters.py | 43 ++++++++++++++++
.../2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst | 2 +
Modules/_ctypes/callproc.c | 51 +++++++------------
3 files changed, 64 insertions(+), 32 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
diff --git a/Lib/ctypes/test/test_parameters.py b/Lib/ctypes/test/test_parameters.py
index e4c25fd880cef..531894fdec838 100644
--- a/Lib/ctypes/test/test_parameters.py
+++ b/Lib/ctypes/test/test_parameters.py
@@ -201,6 +201,49 @@ def __dict__(self):
with self.assertRaises(ZeroDivisionError):
WorseStruct().__setstate__({}, b'foo')
+ def test_parameter_repr(self):
+ from ctypes import (
+ c_bool,
+ c_char,
+ c_wchar,
+ c_byte,
+ c_ubyte,
+ c_short,
+ c_ushort,
+ c_int,
+ c_uint,
+ c_long,
+ c_ulong,
+ c_longlong,
+ c_ulonglong,
+ c_float,
+ c_double,
+ c_longdouble,
+ c_char_p,
+ c_wchar_p,
+ c_void_p,
+ )
+ self.assertRegex(repr(c_bool.from_param(True)), r"^<cparam '\?' at 0x[A-Fa-f0-9]+>$")
+ self.assertEqual(repr(c_char.from_param(97)), "<cparam 'c' ('a')>")
+ self.assertRegex(repr(c_wchar.from_param('a')), r"^<cparam 'u' at 0x[A-Fa-f0-9]+>$")
+ self.assertEqual(repr(c_byte.from_param(98)), "<cparam 'b' (98)>")
+ self.assertEqual(repr(c_ubyte.from_param(98)), "<cparam 'B' (98)>")
+ self.assertEqual(repr(c_short.from_param(511)), "<cparam 'h' (511)>")
+ self.assertEqual(repr(c_ushort.from_param(511)), "<cparam 'H' (511)>")
+ self.assertRegex(repr(c_int.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
+ self.assertRegex(repr(c_uint.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
+ self.assertRegex(repr(c_long.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
+ self.assertRegex(repr(c_ulong.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
+ self.assertRegex(repr(c_longlong.from_param(20000)), r"^<cparam '[liq]' \(20000\)>$")
+ self.assertRegex(repr(c_ulonglong.from_param(20000)), r"^<cparam '[LIQ]' \(20000\)>$")
+ self.assertEqual(repr(c_float.from_param(1.5)), "<cparam 'f' (1.5)>")
+ self.assertEqual(repr(c_double.from_param(1.5)), "<cparam 'd' (1.5)>")
+ self.assertEqual(repr(c_double.from_param(1e300)), "<cparam 'd' (1e+300)>")
+ self.assertRegex(repr(c_longdouble.from_param(1.5)), r"^<cparam ('d' \(1.5\)|'g' at 0x[A-Fa-f0-9]+)>$")
+ self.assertRegex(repr(c_char_p.from_param(b'hihi')), "^<cparam 'z' \(0x[A-Fa-f0-9]+\)>$")
+ self.assertRegex(repr(c_wchar_p.from_param('hihi')), "^<cparam 'Z' \(0x[A-Fa-f0-9]+\)>$")
+ self.assertRegex(repr(c_void_p.from_param(0x12)), r"^<cparam 'P' \(0x0*12\)>$")
+
################################################################
if __name__ == '__main__':
diff --git a/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
new file mode 100644
index 0000000000000..7df65a156feab
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
@@ -0,0 +1,2 @@
+Avoid static buffers when computing the repr of :class:`ctypes.c_double` and
+:class:`ctypes.c_longdouble` values.
diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
index a9b8675cd951b..de75918d49f37 100644
--- a/Modules/_ctypes/callproc.c
+++ b/Modules/_ctypes/callproc.c
@@ -484,58 +484,47 @@ is_literal_char(unsigned char c)
static PyObject *
PyCArg_repr(PyCArgObject *self)
{
- char buffer[256];
switch(self->tag) {
case 'b':
case 'B':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.b);
- break;
case 'h':
case 'H':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.h);
- break;
case 'i':
case 'I':
- sprintf(buffer, "<cparam '%c' (%d)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
self->tag, self->value.i);
- break;
case 'l':
case 'L':
- sprintf(buffer, "<cparam '%c' (%ld)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%ld)>",
self->tag, self->value.l);
- break;
case 'q':
case 'Q':
- sprintf(buffer,
-#ifdef MS_WIN32
- "<cparam '%c' (%I64d)>",
-#else
- "<cparam '%c' (%lld)>",
-#endif
+ return PyUnicode_FromFormat("<cparam '%c' (%lld)>",
self->tag, self->value.q);
- break;
case 'd':
- sprintf(buffer, "<cparam '%c' (%f)>",
- self->tag, self->value.d);
- break;
- case 'f':
- sprintf(buffer, "<cparam '%c' (%f)>",
- self->tag, self->value.f);
- break;
-
+ case 'f': {
+ PyObject *f = PyFloat_FromDouble((self->tag == 'f') ? self->value.f : self->value.d);
+ if (f == NULL) {
+ return NULL;
+ }
+ PyObject *result = PyUnicode_FromFormat("<cparam '%c' (%R)>", self->tag, f);
+ Py_DECREF(f);
+ return result;
+ }
case 'c':
if (is_literal_char((unsigned char)self->value.c)) {
- sprintf(buffer, "<cparam '%c' ('%c')>",
+ return PyUnicode_FromFormat("<cparam '%c' ('%c')>",
self->tag, self->value.c);
}
else {
- sprintf(buffer, "<cparam '%c' ('\\x%02x')>",
+ return PyUnicode_FromFormat("<cparam '%c' ('\\x%02x')>",
self->tag, (unsigned char)self->value.c);
}
- break;
/* Hm, are these 'z' and 'Z' codes useful at all?
Shouldn't they be replaced by the functionality of c_string
@@ -544,22 +533,20 @@ PyCArg_repr(PyCArgObject *self)
case 'z':
case 'Z':
case 'P':
- sprintf(buffer, "<cparam '%c' (%p)>",
+ return PyUnicode_FromFormat("<cparam '%c' (%p)>",
self->tag, self->value.p);
break;
default:
if (is_literal_char((unsigned char)self->tag)) {
- sprintf(buffer, "<cparam '%c' at %p>",
+ return PyUnicode_FromFormat("<cparam '%c' at %p>",
(unsigned char)self->tag, (void *)self);
}
else {
- sprintf(buffer, "<cparam 0x%02x at %p>",
+ return PyUnicode_FromFormat("<cparam 0x%02x at %p>",
(unsigned char)self->tag, (void *)self);
}
- break;
}
- return PyUnicode_FromString(buffer);
}
static PyMemberDef PyCArgType_members[] = {
diff --git a/Lib/test/test_nntplib.py b/Lib/test/test_nntplib.py
index fbd7db03defb1..89a2004dfb139 100644
--- a/Lib/test/test_nntplib.py
+++ b/Lib/test/test_nntplib.py
@@ -82,7 +82,7 @@ def _check_desc(desc):
desc = self.server.description(self.GROUP_NAME)
_check_desc(desc)
# Another sanity check
- self.assertIn("Python", desc)
+ self.assertIn(self.DESC, desc)
# With a pattern
desc = self.server.description(self.GROUP_PAT)
_check_desc(desc)
@@ -299,6 +299,7 @@ class NetworkedNNTPTests(NetworkedNNTPTestsMixin, unittest.TestCase):
NNTP_HOST = 'news.trigofacile.com'
GROUP_NAME = 'fr.comp.lang.python'
GROUP_PAT = 'fr.comp.lang.*'
+ DESC = 'Python'
NNTP_CLASS = NNTP
@@ -332,8 +333,11 @@ class NetworkedNNTP_SSLTests(NetworkedNNTPTests):
# 400 connections per day are accepted from each IP address."
NNTP_HOST = 'nntp.aioe.org'
- GROUP_NAME = 'comp.lang.python'
- GROUP_PAT = 'comp.lang.*'
+ # bpo-42794: aioe.test is one of the official groups on this server
+ # used for testing: https://news.aioe.org/manual/aioe-hierarchy/
+ GROUP_NAME = 'aioe.test'
+ GROUP_PAT = 'aioe.*'
+ DESC = 'test'
NNTP_CLASS = getattr(nntplib, 'NNTP_SSL', None)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment