tags 560914 + pending
tags 569821 + pending
thanks

Dear maintainer,

Luca Falavigna and I prepared an NMU for python-4suite (versioned as 1.0.2-7.2) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer.

--
Jakub Wilk
diff -u python-4suite-1.0.2/debian/changelog python-4suite-1.0.2/debian/changelog
--- python-4suite-1.0.2/debian/changelog
+++ python-4suite-1.0.2/debian/changelog
@@ -1,3 +1,19 @@
+python-4suite (1.0.2-7.2) unstable; urgency=low
+
+  [ Luca Falavigna ]
+  * Non-maintainer upload.
+  * debian/patches/43-python2.6.dpatch:
+    - Python 2.6 compatibility patch provided by upstream developers,
+      fixes build failures on several architectures (Closes: #569821).
+  * debian/patches/44-kfreebsd.dpatch:
+    - Allow build on kFreeBSD, thanks Cyril Brulebois! (Closes: #560078).
+
+  [ Jakub Wilk ]
+  * Fix Expat vulnerabilities: CVE-2009-3560 and CVE-2009-3720.
+    (Closes: #560914)
+
+ -- Jakub Wilk <jw...@debian.org>  Sat, 20 Feb 2010 13:42:38 +0100
+
 python-4suite (1.0.2-7.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -u python-4suite-1.0.2/debian/patches/00list python-4suite-1.0.2/debian/patches/00list
--- python-4suite-1.0.2/debian/patches/00list
+++ python-4suite-1.0.2/debian/patches/00list
@@ -9,0 +10,4 @@
+43-python2.6.dpatch
+44-kfreebsd.dpatch
+45-cve-2009-3560.dpatch
+46-cve-2009-3720.dpatch
only in patch2:
unchanged:
--- python-4suite-1.0.2.orig/debian/patches/44-kfreebsd.dpatch
+++ python-4suite-1.0.2/debian/patches/44-kfreebsd.dpatch
@@ -0,0 +1,43 @@
+#! /bin/sh -e
+## 44-kfreebsd.dpatch by Luca Falavigna <dktrkr...@debian.org>
+## DP: kFreeBSD support.
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p0 ${patch_opts} < $0;;
+    -unpatch) patch -R -p0 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+...@dpatch@
+--- 4Suite-XML-1.0.2/Ft/Lib/DistExt/BuildExt.py
++++ 4Suite-XML-1.0.2/Ft/Lib/DistExt/BuildExt.py
+@@ -58,7 +58,7 @@ class BuildExt(build_ext.build_ext):
+         # If built as shared, remove the library dir if the shared library
+         # is not installed there (which Python does not do by default).
+         # This fixes the errors building on openSUSE 10.2 w/Python 2.5.
+-        if (sys.platform.startswith('linux') and
++        if ((sys.platform.startswith('linux') or sys.platform.startswith('gnukfreebsd')) and
+             sysconfig.get_config_var('Py_ENABLE_SHARED')):
+             libpl, ldlibrary = sysconfig.get_config_vars('LIBPL', 'LDLIBRARY')
+             if libpl in self.library_dirs:
+@@ -83,6 +83,7 @@ class BuildExt(build_ext.build_ext):
+             self.symbol_stripping = STRIP_NONE
+ 
+         elif (sys.platform.startswith('linux')
++              or sys.platform.startswith('gnukfreebsd')
+               or sys.platform.startswith('freebsd')
+               or sys.platform.startswith('openbsd')
+               or sys.platform.startswith('netbsd')):
+
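Review bot: The first condition in BuildExt.py is now a long line with nested parentheses, and both conditions chain several `sys.platform.startswith(...)` calls. If the oldest Python this package must build with accepts a tuple argument to `startswith` (2.5 and later do), `sys.platform.startswith(('linux', 'gnukfreebsd'))` reads better and keeps the platform list in one place. The comment above the first condition still mentions only openSUSE, so a word about kFreeBSD there would explain the new clause. Both statements continue outside the embedded hunks.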
only in patch2:
unchanged:
--- python-4suite-1.0.2.orig/debian/patches/46-cve-2009-3720.dpatch
+++ python-4suite-1.0.2/debian/patches/46-cve-2009-3720.dpatch
@@ -0,0 +1,54 @@
+#! /bin/sh -e
+## 45-cve-2009-3720.dpatch by Jakub Wilk <jw...@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix for CVE-2009-3720.
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p0 ${patch_opts} < $0;;
+    -unpatch) patch -R -p0 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+...@dpatch@
+--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c
++++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c
+@@ -1742,7 +1742,7 @@
+                        const char *end,
+                        POSITION *pos)
+ {
+-  while (ptr != end) {
++  while (ptr < end) {
+     switch (BYTE_TYPE(enc, ptr)) {
+ #define LEAD_CASE(n) \
+     case BT_LEAD ## n: \
+--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c
++++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c
+@@ -328,13 +328,13 @@
+                     const char *end,
+                     POSITION *pos)
+ {
+-  while (ptr != end) {
++  while (ptr < end) {
+     unsigned char ch = (unsigned char)*ptr;
+     if (ch >= 32) {
+       if (ch < 128)
+         ptr++;
+       else
+-        ptr += utf8_code_length[ch];
++        ptr += utf8_code_length[ch] ? utf8_code_length[ch] : 1;
+       pos->columnNumber++;
+     } else if (ch == 10) {
+       pos->columnNumber = 0;
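Review bot: The header comment on the second line of this dpatch names the file `45-cve-2009-3720.dpatch`, but the file being added is `46-cve-2009-3720.dpatch`; the number should be corrected so the header matches the entry in 00list. The `## DP:` line could also say what the change does, for example `## DP: Fix for CVE-2009-3720: stop the position-tracking loops from walking past the end of the input on malformed UTF-8.` In the xmltok.c loop a multi-byte lead byte close to the end still moves `ptr` beyond `end` before `ptr < end` stops the loop. A short comment there, stating that termination relies on the `<` comparison, would help whoever next merges a newer Expat into this bundled copy. Both functions begin and end outside the embedded hunks.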
only in patch2:
unchanged:
--- python-4suite-1.0.2.orig/debian/patches/45-cve-2009-3560.dpatch
+++ python-4suite-1.0.2/debian/patches/45-cve-2009-3560.dpatch
@@ -0,0 +1,37 @@
+#! /bin/sh -e
+## 45-cve-2009-3560.dpatch by Jakub Wilk <jw...@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix for CVE-2009-3560.
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p0 ${patch_opts} < $0;;
+    -unpatch) patch -R -p0 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+...@dpatch@
+--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmlparse.c
++++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmlparse.c
+@@ -3700,6 +3700,9 @@
+         return XML_ERROR_UNCLOSED_TOKEN;
+       case XML_TOK_PARTIAL_CHAR:
+         return XML_ERROR_PARTIAL_CHAR;
++      case -XML_TOK_PROLOG_S:
++        tok = -tok;
++        break;
+       case XML_TOK_NONE:
+ #ifdef XML_DTD
+         /* for internal PE NOT referenced between declarations */
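Review bot: The new `case -XML_TOK_PROLOG_S:` branch in xmlparse.c carries no comment, and the negated token followed by `tok = -tok;` is not self-explanatory to someone auditing this bundled Expat copy. A one-line comment such as `/* negated XML_TOK_PROLOG_S: restore the positive token and handle it normally (CVE-2009-3560) */` would record why the branch exists. The exact meaning of a negative token should be confirmed against the tokenizer, which is not visible here. The enclosing switch starts and ends outside the hunk.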
only in patch2:
unchanged:
--- python-4suite-1.0.2.orig/debian/patches/43-python2.6.dpatch
+++ python-4suite-1.0.2/debian/patches/43-python2.6.dpatch
@@ -0,0 +1,66 @@
+#! /bin/sh -e
+## 43-python2.6.dpatch by Luca Falavigna <dktrkr...@debian.org>
+## DP: Python 2.6 compatibility.
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p0 ${patch_opts} < $0;;
+    -unpatch) patch -R -p0 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+...@dpatch@
+--- 4Suite-XML-1.0.2/Ft/Lib/DistExt/PackageManager.py	30 Oct 2006 20:42:28 -0000	1.38
++++ 4Suite-XML-1.0.2/Ft/Lib/DistExt/PackageManager.py	20 May 2008 16:38:00 -0000	1.36.2.3
+@@ -464,7 +464,10 @@
+ 
+         def get_provides(package):
+             provides = {}
+-            package_version = Version.CommonVersion(package.get_version())
++            try:
++                package_version = Version.CommonVersion(package.get_version())
++            except ValueError:
++                package_version = Version.CommonVersion('0.0.0')
+             for provision in package.get_provides():
+                 name, vers = Version.SplitProvision(provision)
+                 provides[name] = vers or package_version
+--- 4Suite-XML-1.0.2/Ft/Lib/DistExt/Version.py	12 Aug 2006 15:56:24 -0000	1.1
++++ 4Suite-XML-1.0.2/Ft/Lib/DistExt/Version.py	19 Nov 2008 10:05:21 -0000	1.1.2.2
+@@ -66,15 +66,23 @@
+             if not match:
+                 raise ValueError("invalid release tag: %r" % vstring[start:])
+             tag, version = match.groups()
+-            tag = tag and tag.lower()
+-            if tag in self.tag_aliases:
+-                tag = self.tag_aliases[tag]
++            if tag:
++                tag = tag.lower()
++                if tag in self.tag_aliases:
++                    tag = self.tag_aliases[tag]
++            else:
++                tag = None
+             if version:
+                 version = versiontuple(version)
+             else:
+                 version = None
++            if not (tag or version):
++                # Nothing matched, use the remainder as the tag
++                tag = vstring[start:]
++                start = end
++            else:
++                start = match.end()
+             tags.append((tag, version))
+-            start = match.end()
+         self.tags = tuple(tags)
+         return
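Review bot: The `except ValueError` added in `get_provides` replaces an unparsable package version with `'0.0.0'` without leaving any trace, so a malformed version string silently becomes a provided version of 0.0.0. The fallback deserves at least a comment, e.g. `# version not parseable by CommonVersion; fall back to 0.0.0`, and a warning through whatever logging the command already uses would make the substitution visible in build logs. In Version.py the new branch assigns `start = end`, where `end` is defined outside the hunk, and stores the remainder as the tag without the `lower()` and alias handling applied to matched tags. If that is intended, the existing comment could say so.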
