tags 560914 + pending tags 569821 + pending thanks Dear maintainer,
Luca Falavigna and I prepared an NMU for python-4suite (versioned as 1.0.2-7.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer.
-- Jakub Wilk
diff -u python-4suite-1.0.2/debian/changelog python-4suite-1.0.2/debian/changelog --- python-4suite-1.0.2/debian/changelog +++ python-4suite-1.0.2/debian/changelog @@ -1,3 +1,19 @@ +python-4suite (1.0.2-7.2) unstable; urgency=low + + [ Luca Falavigna ] + * Non-maintainer upload. + * debian/patches/43-python2.6.dpatch: + - Python 2.6 compatibility patch provided by upstream developers, + fixes build failures on several architectures (Closes: #569821). + * debian/patches/44-kfreebsd.dpatch: + - Allow build on kFreeBSD, thanks Cyril Brulebois! (Closes: #560078). + + [ Jakub Wilk ] + * Fix Expat vulnerabilities: CVE-2009-3560 and CVE-2009-3720. + (Closes: #560914) + + -- Jakub Wilk <jw...@debian.org> Sat, 20 Feb 2010 13:42:38 +0100 + python-4suite (1.0.2-7.1) unstable; urgency=low * Non-maintainer upload. diff -u python-4suite-1.0.2/debian/patches/00list python-4suite-1.0.2/debian/patches/00list --- python-4suite-1.0.2/debian/patches/00list +++ python-4suite-1.0.2/debian/patches/00list @@ -9,0 +10,4 @@ +43-python2.6.dpatch +44-kfreebsd.dpatch +45-cve-2009-3560.dpatch +46-cve-2009-3720.dpatch only in patch2: unchanged: --- python-4suite-1.0.2.orig/debian/patches/44-kfreebsd.dpatch +++ python-4suite-1.0.2/debian/patches/44-kfreebsd.dpatch @@ -0,0 +1,43 @@ +#! /bin/sh -e +## 44-kfreebsd.dpatch by Luca Falavigna <dktrkr...@debian.org> +## DP: kFreeBSD support. + +if [ $# -lt 1 ]; then + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1 +fi + +[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts +patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" + +case "$1" in + -patch) patch -p0 ${patch_opts} < $0;; + -unpatch) patch -R -p0 ${patch_opts} < $0;; + *) + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1;; +esac + +exit 0 + +...@dpatch@ +--- 4Suite-XML-1.0.2/Ft/Lib/DistExt/BuildExt.py ++++ 4Suite-XML-1.0.2/Ft/Lib/DistExt/BuildExt.py +@@ -58,7 +58,7 @@ class BuildExt(build_ext.build_ext): + # If built as shared, remove the library dir if the shared library + # is not installed there (which Python does not do by default). + # This fixes the errors building on openSUSE 10.2 w/Python 2.5. +- if (sys.platform.startswith('linux') and ++ if ((sys.platform.startswith('linux') or sys.platform.startswith('gnukfreebsd')) and + sysconfig.get_config_var('Py_ENABLE_SHARED')): + libpl, ldlibrary = sysconfig.get_config_vars('LIBPL', 'LDLIBRARY') + if libpl in self.library_dirs: +@@ -83,6 +83,7 @@ class BuildExt(build_ext.build_ext): + self.symbol_stripping = STRIP_NONE + + elif (sys.platform.startswith('linux') ++ or sys.platform.startswith('gnukfreebsd') + or sys.platform.startswith('freebsd') + or sys.platform.startswith('openbsd') + or sys.platform.startswith('netbsd')): + only in patch2: unchanged: --- python-4suite-1.0.2.orig/debian/patches/46-cve-2009-3720.dpatch +++ python-4suite-1.0.2/debian/patches/46-cve-2009-3720.dpatch @@ -0,0 +1,54 @@ +#! /bin/sh -e +## 45-cve-2009-3720.dpatch by Jakub Wilk <jw...@debian.org> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix for CVE-2009-3720. + +if [ $# -lt 1 ]; then + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1 +fi + +[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts +patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" + +case "$1" in + -patch) patch -p0 ${patch_opts} < $0;; + -unpatch) patch -R -p0 ${patch_opts} < $0;; + *) + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1;; +esac + +exit 0 + +...@dpatch@ +--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c ++++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c +@@ -1742,7 +1742,7 @@ + const char *end, + POSITION *pos) + { +- while (ptr != end) { ++ while (ptr < end) { + switch (BYTE_TYPE(enc, ptr)) { + #define LEAD_CASE(n) \ + case BT_LEAD ## n: \ +--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c ++++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c +@@ -328,13 +328,13 @@ + const char *end, + POSITION *pos) + { +- while (ptr != end) { ++ while (ptr < end) { + unsigned char ch = (unsigned char)*ptr; + if (ch >= 32) { + if (ch < 128) + ptr++; + else +- ptr += utf8_code_length[ch]; ++ ptr += utf8_code_length[ch] ? utf8_code_length[ch] : 1; + pos->columnNumber++; + } else if (ch == 10) { + pos->columnNumber = 0; only in patch2: unchanged: --- python-4suite-1.0.2.orig/debian/patches/45-cve-2009-3560.dpatch +++ python-4suite-1.0.2/debian/patches/45-cve-2009-3560.dpatch @@ -0,0 +1,37 @@ +#! /bin/sh -e +## 45-cve-2009-3560.dpatch by Jakub Wilk <jw...@debian.org> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix for CVE-2009-3560. + +if [ $# -lt 1 ]; then + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1 +fi + +[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts +patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" + +case "$1" in + -patch) patch -p0 ${patch_opts} < $0;; + -unpatch) patch -R -p0 ${patch_opts} < $0;; + *) + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1;; +esac + +exit 0 + +...@dpatch@ +--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmlparse.c ++++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmlparse.c +@@ -3700,6 +3700,9 @@ + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; ++ case -XML_TOK_PROLOG_S: ++ tok = -tok; ++ break; + case XML_TOK_NONE: + #ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ only in patch2: unchanged: --- python-4suite-1.0.2.orig/debian/patches/43-python2.6.dpatch +++ python-4suite-1.0.2/debian/patches/43-python2.6.dpatch @@ -0,0 +1,66 @@ +#! /bin/sh -e +## 43-python2.6.dpatch by Luca Falavigna <dktrkr...@debian.org> +## DP: Python 2.6 compatibility. + +if [ $# -lt 1 ]; then + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1 +fi + +[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts +patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" + +case "$1" in + -patch) patch -p0 ${patch_opts} < $0;; + -unpatch) patch -R -p0 ${patch_opts} < $0;; + *) + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1;; +esac + +exit 0 + +...@dpatch@ +--- 4Suite-XML-1.0.2/Ft/Lib/DistExt/PackageManager.py 30 Oct 2006 20:42:28 -0000 1.38 ++++ 4Suite-XML-1.0.2/Ft/Lib/DistExt/PackageManager.py 20 May 2008 16:38:00 -0000 1.36.2.3 +@@ -464,7 +464,10 @@ + + def get_provides(package): + provides = {} +- package_version = Version.CommonVersion(package.get_version()) ++ try: ++ package_version = Version.CommonVersion(package.get_version()) ++ except ValueError: ++ package_version = Version.CommonVersion('0.0.0') + for provision in package.get_provides(): + name, vers = Version.SplitProvision(provision) + provides[name] = vers or package_version +--- 4Suite-XML-1.0.2/Ft/Lib/DistExt/Version.py 12 Aug 2006 15:56:24 -0000 1.1 ++++ 4Suite-XML-1.0.2/Ft/Lib/DistExt/Version.py 19 Nov 2008 10:05:21 -0000 1.1.2.2 +@@ -66,15 +66,23 @@ + if not match: + raise ValueError("invalid release tag: %r" % vstring[start:]) + tag, version = match.groups() +- tag = tag and tag.lower() +- if tag in self.tag_aliases: +- tag = self.tag_aliases[tag] ++ if tag: ++ tag = tag.lower() ++ if tag in self.tag_aliases: ++ tag = self.tag_aliases[tag] ++ else: ++ tag = None + if version: + version = versiontuple(version) + else: + version = None ++ if not (tag or version): ++ # Nothing matched, use the remainder as the tag ++ tag = vstring[start:] ++ start = end ++ else: ++ start = match.end() + tags.append((tag, version)) +- start = match.end() + self.tags = tuple(tags) + return
signature.asc
Description: Digital signature