godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-04 06:10:16 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
0690e290efc6baef9ae3747945f587e3e9c1afcf
buildroot/package/python3/0027-Add-an-option-to-disable-the-readline-module.patch
Adam Duskett fbe6c566a9 package/python3: security bump to version 3.8.3 
Fixes the following security issues:

- bpo-40121: Fixes audit events raised on creating a new socket

- bpo-38576: Disallow control characters in hostnames in http.client,
  addressing CVE-2019-18348.  Such potentially malicious header injection
  URLs now cause a InvalidURL to be raised.

- bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the
  urllib.request module uses an inefficient regular expression which can be
  exploited by an attacker to cause a denial of service.  Fix the regex to
  prevent the catastrophic backtracking.  Vulnerability reported by Ben
  Caller and Matt Schwager.

For more details, see the changelog:
https://docs.python.org/release/3.8.3/whatsnew/changelog.html#security

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ff01eb31f)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 23:07:40 +02:00

31 lines
895 B
Diff
Raw Blame History

From 6e3923f90497ba7230b62fdd3f2dca1cb79852bf Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Date: Tue, 7 Mar 2017 23:29:05 +0100
Subject: [PATCH] Add an option to disable the readline module
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
configure.ac | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/configure.ac b/configure.ac
index 6b09bafda4..b64518eed5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3288,6 +3288,12 @@ AC_ARG_ENABLE(openssl,
DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} ssl _ssl _hashlib"
fi])
+AC_ARG_ENABLE(readline,
+ AS_HELP_STRING([--disable-readline], [disable readline]),
+ [ if test "$enableval" = "no"; then
+ DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} readline"
+ fi])
+
AC_SUBST(TK)
AC_ARG_ENABLE(tk,
AS_HELP_STRING([--disable-tk], [disable tk]),
--
2.20.1
Reference in New Issue View Git Blame Copy Permalink