From b7ebc951da8800f711142f69d9d958bde67a112d Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 28 Apr 2019 09:54:45 +0100 Subject: gentoo resync : 28.04.2019 --- dev-python/pyyaml/Manifest | 7 +++- .../pyyaml/files/pyyaml-5.1-cve-2017-18342.patch | 40 +++++++++++++++++++ dev-python/pyyaml/pyyaml-3.12.ebuild | 4 +- dev-python/pyyaml/pyyaml-3.13.ebuild | 4 +- dev-python/pyyaml/pyyaml-5.1.ebuild | 46 ++++++++++++++++++++++ 5 files changed, 95 insertions(+), 6 deletions(-) create mode 100644 dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch create mode 100644 dev-python/pyyaml/pyyaml-5.1.ebuild (limited to 'dev-python/pyyaml') diff --git a/dev-python/pyyaml/Manifest b/dev-python/pyyaml/Manifest index 4d77810e91cd..127f259aa7ac 100644 --- a/dev-python/pyyaml/Manifest +++ b/dev-python/pyyaml/Manifest @@ -1,5 +1,8 @@ +AUX pyyaml-5.1-cve-2017-18342.patch 1420 BLAKE2B bf053ed121355aea1e44f9bd29b22c9afbca7b99b68e59a6e213d2723531044049964dcb20dbc036ee27ae8bcc2c26e317cf080637e611fa0105a9d451496125 SHA512 8e7737761555d851b21ca61128d2ced4163d446acb87510b6962a20dc217923bcf835d70224c9e721486351e0aeb57f9f3c570b57086a0a00c3e8ac656a458c5 DIST PyYAML-3.12.tar.gz 253011 BLAKE2B 530f2910acb757af9e2a738d93ace45daee3fc5764f19fbc758508e873f05ebfa2486c4f82800540e5e405e7f114f06f963e5011908fd15014ca8b8afb3a76aa SHA512 e16d8b7f4f026b6a95b11fb59c54ec5f114f6f516294eaa95e718abdf5d37c17a9c4b5e0a0a61fca04e801792d9b7fb801087cf849ff22b9581f6af204b1883a DIST PyYAML-3.13.tar.gz 270607 BLAKE2B f365f63587b911234497426c9796f98b85f5de052abd88ea434137a4eb8a4c1e08f9ee1982a30df1934dadb615145f4af8fcff577d3d4e52058e7a8843aa8604 SHA512 93642286d0317e2fe970632c36d38ce6030f7cabcf971f28e3a1054f07390fcee5baaf7f167e7c9690dbd7b2adc61f5b7d75a218ace0abca34ff8815486cfdd7 -EBUILD pyyaml-3.12.ebuild 1073 BLAKE2B 8a1992c113a9a66e28e4e97f30592be2a497bb6f4bae4c1e117b8cd8ced8cfaaf8d1c310bd54f532ee4bd73631d541eac1bc3acb43a9dd648b2a906df06f40ca SHA512 410a29da66428ef4877bb9f6fec1f7a9ae48b079a87f26a2aa70d669eeab2c1dd1ba2a066414e89728dd457c355c8e27beffcd553e2f2108a31493c67b52a986 -EBUILD pyyaml-3.13.ebuild 1075 BLAKE2B 20b3495614e2a14e64a1312af24f945b83a1089dbeb797ac07617b221fafd9ba35a63bb5d5eda6f054fe5eb58347c33922f945eefbce419bf557bfef68e3cb1d SHA512 8a377d151119f71a153be52ddfa9cb01bb35ec6b84d355e7a83111019c53537231c556b0650937174e6d25f85b557c28e7e9ab7f8d309d05dfbaaff75bb732c1 +DIST PyYAML-5.1.tar.gz 274244 BLAKE2B ea8cc4b56b9fc70bc7b01f8c654ceb8b73c82dcc936c939cba3c3654df04fe32fc46c7df322a38869d28ad5a58f6134b35cbe43924df3b4d5f3e54e33700dc73 SHA512 8f27f92bdfa310a99dd6d83947332cc033fa18f0011998bb585ad5c4340a2da20d8c20bfdb53beaae15651198d1240c986818379b0a05b230f74d1f30f53e7fd +EBUILD pyyaml-3.12.ebuild 1068 BLAKE2B 75d565e4f368a85bcdc8f7a0b505c0969edaa8835480d09acd58e3a714c9502b085f419851d5bd15bc773f359a355101179fdedeee4d8468dc4adb0c5d5ca2c0 SHA512 7c839298eeca6ac9ca443cfa7e15e6cb1151789985391eb6b0eb81ec40c0e48dacd5c1ab0c7aef541f96312efb67b48e7cbb201c68278fb38a84dd7c272ce661 +EBUILD pyyaml-3.13.ebuild 1070 BLAKE2B bf3e7dbc8fcfbbf12bb5282ee012c9c1c83197f5573351181965efdc75a022f5b065181b975680240016b6c84f6259528e7010dd6645152b6f9b35bf66ea17fd SHA512 803c12130e4996bb868d71d8fef7819ae1f6f4aa44818bc68d6599c0e7a49b551c368d62370544811535c9bbe2126f3f190e1974148a727dad3a5adb52aaf79c +EBUILD pyyaml-5.1.ebuild 1157 BLAKE2B d3b95f40830be8232e56087e1482210bd836fde151229a598d7268d4bfa1534db83b9e6aa7bf4a03ae0a9b29f3e0d8687fea42889f29dc1dbf09bc24ab0e059a SHA512 f609409a7dc3786d4af80bb0dbc5f620a172b4585433c44ae0605d25c47a67a157c2b6670a1e57e517443d45dc09b3179b2d580f73f14d134b0089960ae110de MISC metadata.xml 345 BLAKE2B 8c26b8b05b08ed9abab5ed2cb36552dc9af33ee2b30cf3ebe551576d7ad44908b3dff195cd7f1a3f5af9323d17eadee407e42bfeb99150be2a0ac4b48653c1eb SHA512 1fdee5219c989b3edf11bdb63264c6ca6bd54fb1f44907bf20ce7ee6b1968c9c6f2c94363698be87d92eb6cd07a034acca7dbcffaeac40d2add8d57a240772da diff --git a/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch b/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch new file mode 100644 index 000000000000..28626ba9e974 --- /dev/null +++ b/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch @@ -0,0 +1,40 @@ +diff --git a/lib/yaml/__init__.py b/lib/yaml/__init__.py +index e7a419d..5f80761 100644 +--- a/lib/yaml/__init__.py ++++ b/lib/yaml/__init__.py +@@ -106,6 +106,7 @@ def load(stream, Loader=None): + and produce the corresponding Python object. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load') + Loader = FullLoader + +@@ -121,6 +122,7 @@ def load_all(stream, Loader=None): + and produce corresponding Python objects. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load_all') + Loader = FullLoader + +diff --git a/lib3/yaml/__init__.py b/lib3/yaml/__init__.py +index 5df0bb5..6952ba5 100644 +--- a/lib3/yaml/__init__.py ++++ b/lib3/yaml/__init__.py +@@ -106,6 +106,7 @@ def load(stream, Loader=None): + and produce the corresponding Python object. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load') + Loader = FullLoader + +@@ -121,6 +122,7 @@ def load_all(stream, Loader=None): + and produce corresponding Python objects. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load_all') + Loader = FullLoader + diff --git a/dev-python/pyyaml/pyyaml-3.12.ebuild b/dev-python/pyyaml/pyyaml-3.12.ebuild index f6809c7b156b..dd8f65443ca6 100644 --- a/dev-python/pyyaml/pyyaml-3.12.ebuild +++ b/dev-python/pyyaml/pyyaml-3.12.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=6 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 ) +PYTHON_COMPAT=( python2_7 python3_{5,6} pypy pypy3 ) inherit distutils-r1 diff --git a/dev-python/pyyaml/pyyaml-3.13.ebuild b/dev-python/pyyaml/pyyaml-3.13.ebuild index 019a1f64fa62..c9b47b9801f8 100644 --- a/dev-python/pyyaml/pyyaml-3.13.ebuild +++ b/dev-python/pyyaml/pyyaml-3.13.ebuild @@ -1,9 +1,9 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=6 -PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} pypy pypy3 ) +PYTHON_COMPAT=( python2_7 python3_{5,6,7} pypy pypy3 ) inherit distutils-r1 diff --git a/dev-python/pyyaml/pyyaml-5.1.ebuild b/dev-python/pyyaml/pyyaml-5.1.ebuild new file mode 100644 index 000000000000..02cd65f425a8 --- /dev/null +++ b/dev-python/pyyaml/pyyaml-5.1.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python2_7 python3_{5,6,7} pypy pypy3 ) + +inherit distutils-r1 + +MY_P="PyYAML-${PV}" + +DESCRIPTION="YAML parser and emitter for Python" +HOMEPAGE="https://pyyaml.org/wiki/PyYAML https://pypi.org/project/PyYAML/" +SRC_URI="https://pyyaml.org/download/${PN}/${MY_P}.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x64-solaris ~x86-solaris" +IUSE="examples libyaml" + +RDEPEND="libyaml? ( dev-libs/libyaml )" +DEPEND="${RDEPEND} + libyaml? ( $(python_gen_cond_dep 'dev-python/cython[${PYTHON_USEDEP}]' python2_7 'python3*') )" + +S="${WORKDIR}/${MY_P}" + +PATCHES=( + # bug #659348 + "${FILESDIR}/${PN}-5.1-cve-2017-18342.patch" +) + +python_configure_all() { + mydistutilsargs=( $(use_with libyaml) ) +} + +python_test() { + esetup.py test +} + +python_install_all() { + distutils-r1_python_install_all + if use examples; then + dodoc -r examples + docompress -x /usr/share/doc/${PF} + fi +} -- cgit v1.2.3