diff options
author | Michał Górny <mgorny@gentoo.org> | 2020-12-12 09:41:56 +0100 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2020-12-12 10:09:38 +0100 |
commit | cda063145cccc62b96bc09f2b423e449d6dc134a (patch) | |
tree | c7a78801b2463b97f3eb27fd0337d0d3344290f7 | |
parent | dev-perl/Digest-CRC: Cleanup old 0.210.0 (diff) | |
download | gentoo-cda063145cccc62b96bc09f2b423e449d6dc134a.tar.gz gentoo-cda063145cccc62b96bc09f2b423e449d6dc134a.tar.bz2 gentoo-cda063145cccc62b96bc09f2b423e449d6dc134a.zip |
dev-python/py: Backport CVE-2020-29651 fix
Closes: https://bugs.gentoo.org/759547
Signed-off-by: Michał Górny <mgorny@gentoo.org>
-rw-r--r-- | dev-python/py/files/py-1.9.0-cve-2020-29651.patch | 31 | ||||
-rw-r--r-- | dev-python/py/py-1.9.0-r2.ebuild (renamed from dev-python/py/py-1.9.0-r1.ebuild) | 4 |
2 files changed, 35 insertions, 0 deletions
diff --git a/dev-python/py/files/py-1.9.0-cve-2020-29651.patch b/dev-python/py/files/py-1.9.0-cve-2020-29651.patch new file mode 100644 index 000000000000..af89fb14808c --- /dev/null +++ b/dev-python/py/files/py-1.9.0-cve-2020-29651.patch @@ -0,0 +1,31 @@ +From 4a9017dc6199d2a564b6e4b0aa39d6d8870e4144 Mon Sep 17 00:00:00 2001 +From: Ran Benita <ran@unusedvar.com> +Date: Fri, 4 Sep 2020 13:57:26 +0300 +Subject: [PATCH] svnwc: fix regular expression vulnerable to DoS in blame + functionality + +The subpattern `\d+\s*\S+` is ambiguous which makes the pattern subject +to catastrophic backtracing given a string like `"1" * 5000`. + +SVN blame output seems to always have at least one space between the +revision number and the user name, so the ambiguity can be fixed by +changing the `*` to `+`. + +Fixes #256. +--- + py/_path/svnwc.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/py/_path/svnwc.py b/py/_path/svnwc.py +index 3138dd85..b5b9d8d5 100644 +--- a/py/_path/svnwc.py ++++ b/py/_path/svnwc.py +@@ -396,7 +396,7 @@ def makecmdoptions(self): + def __str__(self): + return "<SvnAuth username=%s ...>" %(self.username,) + +-rex_blame = re.compile(r'\s*(\d+)\s*(\S+) (.*)') ++rex_blame = re.compile(r'\s*(\d+)\s+(\S+) (.*)') + + class SvnWCCommandPath(common.PathBase): + """ path implementation offering access/modification to svn working copies. diff --git a/dev-python/py/py-1.9.0-r1.ebuild b/dev-python/py/py-1.9.0-r2.ebuild index 78e1479659e4..c7102745bc31 100644 --- a/dev-python/py/py-1.9.0-r1.ebuild +++ b/dev-python/py/py-1.9.0-r2.ebuild @@ -14,6 +14,8 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" LICENSE="MIT" SLOT="0" KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +# This package is unmaintained and keeps being broken periodically. +RESTRICT=test BDEPEND=" dev-python/setuptools_scm[${PYTHON_USEDEP}]" @@ -21,6 +23,8 @@ BDEPEND=" PATCHES=( "${FILESDIR}"/${PN}-1.5.2-skip-apiwarn-pytest31.patch "${FILESDIR}"/${PN}-1.8.0-pytest-4.patch + # https://bugs.gentoo.org/759547 + "${FILESDIR}"/${P}-cve-2020-29651.patch ) distutils_enable_sphinx doc |