godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-02 21:48:20 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2020.02.10
buildroot/package/python3/0031-Add-an-option-to-disable-uuid-module.patch
Adam Duskett fbe6c566a9 package/python3: security bump to version 3.8.3 
Fixes the following security issues:

- bpo-40121: Fixes audit events raised on creating a new socket

- bpo-38576: Disallow control characters in hostnames in http.client,
  addressing CVE-2019-18348.  Such potentially malicious header injection
  URLs now cause a InvalidURL to be raised.

- bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the
  urllib.request module uses an inefficient regular expression which can be
  exploited by an attacker to cause a denial of service.  Fix the regex to
  prevent the catastrophic backtracking.  Vulnerability reported by Ben
  Caller and Matt Schwager.

For more details, see the changelog:
https://docs.python.org/release/3.8.3/whatsnew/changelog.html#security

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ff01eb31f)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 23:07:40 +02:00

34 lines
869 B
Diff
Raw Permalink Blame History

From 74007603df0921450f14e8626df36140426cc300 Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Date: Sat, 18 Aug 2018 10:54:56 +0200
Subject: [PATCH] Add an option to disable uuid module
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
configure.ac | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/configure.ac b/configure.ac
index d07e371c57..55ab6c3c26 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3330,6 +3330,15 @@ if test "$CURSES" = "no"; then
DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _curses _curses_panel"
fi
+AC_SUBST(UUID)
+AC_ARG_ENABLE(uuid,
+ AS_HELP_STRING([--disable-uuid], [disable uuid]),
+ [ UUID="${enableval}" ], [ UUID=yes ])
+
+if test "$UUID" = "no"; then
+ DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS} _uuid"
+fi
+
AC_SUBST(PYDOC)
AC_ARG_ENABLE(pydoc,
--
2.20.1
Reference in New Issue View Git Blame Copy Permalink