gentoo resync : 28.04.2019

1 files changed, 40 insertions, 0 deletions

diff --git a/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch b/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch
new file mode 100644
index 000000000000..28626ba9e974
--- /dev/null
+++ b/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch
@@ -0,0 +1,40 @@
+diff --git a/lib/yaml/__init__.py b/lib/yaml/__init__.py
+index e7a419d..5f80761 100644
+--- a/lib/yaml/__init__.py
++++ b/lib/yaml/__init__.py
+@@ -106,6 +106,7 @@ def load(stream, Loader=None):
+     and produce the corresponding Python object.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load')
+         Loader = FullLoader
+ 
+@@ -121,6 +122,7 @@ def load_all(stream, Loader=None):
+     and produce corresponding Python objects.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load_all')
+         Loader = FullLoader
+ 
+diff --git a/lib3/yaml/__init__.py b/lib3/yaml/__init__.py
+index 5df0bb5..6952ba5 100644
+--- a/lib3/yaml/__init__.py
++++ b/lib3/yaml/__init__.py
+@@ -106,6 +106,7 @@ def load(stream, Loader=None):
+     and produce the corresponding Python object.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load')
+         Loader = FullLoader
+ 
+@@ -121,6 +122,7 @@ def load_all(stream, Loader=None):
+     and produce corresponding Python objects.
+     """
+     if Loader is None:
++        raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348")
+         load_warning('load_all')
+         Loader = FullLoader
+