diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /dev-python/pyxdg |
reinit the tree, so we can have metadata
Diffstat (limited to 'dev-python/pyxdg')
-rw-r--r-- | dev-python/pyxdg/Manifest | 6 | ||||
-rw-r--r-- | dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch | 54 | ||||
-rw-r--r-- | dev-python/pyxdg/metadata.xml | 14 | ||||
-rw-r--r-- | dev-python/pyxdg/pyxdg-0.25-r1.ebuild | 26 |
4 files changed, 100 insertions, 0 deletions
diff --git a/dev-python/pyxdg/Manifest b/dev-python/pyxdg/Manifest new file mode 100644 index 000000000000..6c424c4849f4 --- /dev/null +++ b/dev-python/pyxdg/Manifest @@ -0,0 +1,6 @@ +AUX sec-patch-CVE-2014-1624.patch 1867 SHA256 1108675e64e51730ff5411f7e7dfab9fa68de66be0afaa73a46a1472d75766e8 SHA512 f0ff5255108b7a5774d376a8892f1120f5056ec92fa543af7e5aabe3792e7ecd347ac78ff5c04ab36db35bba513a412f6aa06fe718933317a903264bd184b712 WHIRLPOOL 9a4df7948bc32fa8f471f6edb7066318231666d90ff4038733ffaae7ceb303c930bc9c552f72a08b978c0b259e802d24bba6e01383a7b836989f339ee673909a +DIST pyxdg-0.25.tar.gz 48935 SHA256 81e883e0b9517d624e8b0499eb267b82a815c0b7146d5269f364988ae031279d SHA512 86cbf3a54fb8e79043db60dcdbb3fb10013ae25a900fa3592edc8a24bf3f440c19bc04626c7906293c785fcb56eab9d87d209b723b5baa872376ba1eb86758b6 WHIRLPOOL 8e77c83f52c5836f4476645fc1d297311c1537e60a8fe364c75c842baf0530def1a483c19489af87ec78d340e630af18ed9a210cecc56f183037e34e58e0e450 +EBUILD pyxdg-0.25-r1.ebuild 755 SHA256 e2804971f145cabaf5f863be926d8ea37db9eb640d5029121461b087e9f7453a SHA512 f4f92b92d43107ea6d2aad282683b001db8b89d5747a9dcd33ac81b1eb908ab755f70d7484094bc455c578b07798fd149875675fda5e380918182d3653df536f WHIRLPOOL 24d17e3bf211c3ba5ded10e1e533f558e9cb8dbf83228785c6d9d2d38f172ba68e403ed570787c709b512c91b3365230f00f598323f5652d5d97bc67dae10135 +MISC ChangeLog 3867 SHA256 69b4f3a38aae191bf88819dd742cb8d8175d0c2066a98a7cf62ed348bd4d9689 SHA512 f19d25c84f4a908d12164d490ad24043938d1ccde3decc131f05dd8aa0e8aa43cd87b9d9be2565c8f7b9990e2179cf1b4db087b8bd649a13dc0b05e02913b902 WHIRLPOOL 33218839d599545e5317a84856c6b39778cc899f1bd79b931c254f4a62290ed4766b5e2366c40b4d37429df5784821f82e678d40dbc3e8edd8962b6a1b1e67cc +MISC ChangeLog-2015 15451 SHA256 1d868c3e1f5c914af9129a25ffaae92c842953aa5ebf1d178b296d70c1587a03 SHA512 aea060e1d14cb0b1ebce57a0e39b8c912b6596eef127e3e177a28db5734c1fd29b7f68ffa166ecdc7cf497d8349bfb06439323c1d0a1785a409386fdff7c8471 WHIRLPOOL 63851009dcb9e38ef5d735380634f663e723fbbd17d96fb700ef07b9d9d67abae0a5000531c942364150811c443101a0d64fc85a26ae344b9338cb2c9dc9b997 +MISC metadata.xml 487 SHA256 7ac5dfd197aca1d7078bed530fdf18fb4b774a6766e821ab7742bdc618a12f69 SHA512 f00421023d46b9aa32d8038c5ba8bfdb1b60a732932d64f7d11fe6f0c163b734182e2162dde2ba663d7c74ba8c754ece721dfbfa0b8fa3081be622dfff3949ea WHIRLPOOL aff13a0c29ef2d84012aaae96aed3994e32e8c001b5aae0083f1446869da3185f92eeee854ee7a6a971e0421ec438a4a7384ceddbc3a84f046c6a7819b9e1bcb diff --git a/dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch b/dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch new file mode 100644 index 000000000000..d94c0a42bddb --- /dev/null +++ b/dev-python/pyxdg/files/sec-patch-CVE-2014-1624.patch @@ -0,0 +1,54 @@ +Improve security of get_runtime_dir(strict=False) +https://github.com/takluyver/pyxdg/commit/bd999c1c3fe7ee5f30ede2cf704cf03e400347b4 +diff --git a/xdg/BaseDirectory.py b/xdg/BaseDirectory.py +index cececa3..a7c31b1 100644 +--- a/xdg/BaseDirectory.py ++++ b/xdg/BaseDirectory.py +@@ -25,7 +25,7 @@ + Note: see the rox.Options module for a higher-level API for managing options. + """ + +-import os ++import os, stat + + _home = os.path.expanduser('~') + xdg_data_home = os.environ.get('XDG_DATA_HOME') or \ +@@ -131,15 +131,30 @@ def get_runtime_dir(strict=True): + + import getpass + fallback = '/tmp/pyxdg-runtime-dir-fallback-' + getpass.getuser() ++ create = False ++ + try: +- os.mkdir(fallback, 0o700) ++ # This must be a real directory, not a symlink, so attackers can't ++ # point it elsewhere. So we use lstat to check it. ++ st = os.lstat(fallback) + except OSError as e: + import errno +- if e.errno == errno.EEXIST: +- # Already exists - set 700 permissions again. +- import stat +- os.chmod(fallback, stat.S_IRUSR|stat.S_IWUSR|stat.S_IXUSR) +- else: # pragma: no cover ++ if e.errno == errno.ENOENT: ++ create = True ++ else: + raise +- ++ else: ++ # The fallback must be a directory ++ if not stat.S_ISDIR(st.st_mode): ++ os.unlink(fallback) ++ create = True ++ # Must be owned by the user and not accessible by anyone else ++ elif (st.st_uid != os.getuid()) \ ++ or (st.st_mode & (stat.S_IRWXG | stat.S_IRWXO)): ++ os.rmdir(fallback) ++ create = True ++ ++ if create: ++ os.mkdir(fallback, 0o700) ++ + return fallback + diff --git a/dev-python/pyxdg/metadata.xml b/dev-python/pyxdg/metadata.xml new file mode 100644 index 000000000000..967f6f4f3925 --- /dev/null +++ b/dev-python/pyxdg/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="project"> + <email>python@gentoo.org</email> + <name>Python</name> + </maintainer> + <upstream> + <doc lang="en">https://pyxdg.readthedocs.org/en/latest/</doc> + <bugs-to>https://bugs.freedesktop.org/</bugs-to> + <remote-id type="pypi">pyxdg</remote-id> + <remote-id type="launchpad">pyxdg</remote-id> + </upstream> +</pkgmetadata> diff --git a/dev-python/pyxdg/pyxdg-0.25-r1.ebuild b/dev-python/pyxdg/pyxdg-0.25-r1.ebuild new file mode 100644 index 000000000000..eb164715e435 --- /dev/null +++ b/dev-python/pyxdg/pyxdg-0.25-r1.ebuild @@ -0,0 +1,26 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} pypy ) +inherit distutils-r1 + +DESCRIPTION="A Python module to deal with freedesktop.org specifications" +HOMEPAGE="https://freedesktop.org/wiki/Software/pyxdg https://cgit.freedesktop.org/xdg/pyxdg/" +SRC_URI="https://people.freedesktop.org/~takluyver/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd" +IUSE="test" + +DEPEND="test? ( dev-python/nose[${PYTHON_USEDEP}] + x11-themes/hicolor-icon-theme )" + +DOCS=( AUTHORS ChangeLog README TODO ) +PATCHES=( "${FILESDIR}"/sec-patch-CVE-2014-1624.patch ) + +python_test() { + nosetests || die +} |