[nofify] python: update for multiple vulnerabilities

See http://lwn.net/Vulnerabilities/292410/ for an overview of the issue. Thanks to Jonathan Schleifer for the notification. Patches shameless stolen from gentoo.
2008-08-07 10:14:56 +02:00 · 2008-08-07 10:14:56 +02:00 · c5df120f5a
commit c5df120f5a
parent 6648f2d946
6 changed files with 9 additions and 3 deletions
--- a/python/.md5sum
+++ b/python/.md5sum
@ -1,2 +1,6 @@
+12d1a9953f105464b1f673b6566f739c  CVE-2008-2315.patch.gz
+810695c756477ea6d407dc1ac4dc8c75  CVE-2008-2316.patch.gz
+3984d29be539e2b98828a55c432fc318  CVE-2008-3142.patch.gz
+7c4bcfb76a6994aa373aef12c234958e  CVE-2008-3144.patch.gz
 afb5451049eda91fbde10bd5a4b7fadc  Python-2.5.2.tar.bz2
 6d78d63802ecace8bbe50353862b92cf  python-2.5.2.patch
--- a/python/CVE-2008-2315.patch.gz
+++ b/python/CVE-2008-2315.patch.gz
--- a/python/CVE-2008-2316.patch.gz
+++ b/python/CVE-2008-2316.patch.gz
--- a/python/CVE-2008-3142.patch.gz
+++ b/python/CVE-2008-3142.patch.gz
--- a/python/CVE-2008-3144.patch.gz
+++ b/python/CVE-2008-3144.patch.gz
--- a/python/Pkgfile
+++ b/python/Pkgfile
@ -1,18 +1,20 @@
 # Description: Python interpreter, version 2.5
 # URL:         http://www.python.org
 # Maintainer:  Juergen Daubert, juergen dot daubert at t-online dot de
-# Depends on:  db, gdbm, ncurses, openssl, readline, zlib
+# Depends on:  db gdbm ncurses openssl readline bzip2 zlib

 name=python
 version=2.5.2
-release=2
+release=3
 source=(http://www.python.org/ftp/$name/$version/Python-$version.tar.bz2 \
-        $name-$version.patch)
+        $name-$version.patch CVE-2008-{2315,2316,3142,3144}.patch.gz)

 build () {
    cd Python-$version

    patch -p1 -i $SRC/$name-$version.patch
+    gunzip -c $SRC/CVE*.patch.gz | patch -p1
+
    ./configure --prefix=/usr \
                --mandir=/usr/man \
                --enable-shared \