771b02612e
(CVE-2012-0845, CVE-2012-1150 are alredy fixed in pkgsrc, CVE-2012-0876 is not affect to pkgsrc, using external expat) What's New in Python 2.6.8? =========================== *Release date: 2012-04-10* No changes since 2.6.8rc2. What's New in Python 2.6.8 rc 2? ================================ *Release date: 2012-03-17* Library ------- - Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash table internal to the pyexpat module's copy of the expat library to avoid a denial of service due to hash collisions. Patch by David Malcolm with some modifications by the expat project. What's New in Python 2.6.8 rc 1? ================================ *Release date: 2012-02-23* Core and Builtins ----------------- - Issue #13703: oCERT-2011-003 CVE-2012-1150: add -R command-line option and PYTHONHASHSEED environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types. Patch by David Malcolm, based on work by Victor Stinner. Library ------- - Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon malformed POST request. - Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.
8 lines
309 B
Makefile
8 lines
309 B
Makefile
# $NetBSD: dist.mk,v 1.3 2012/04/14 10:47:17 obache Exp $
|
|
|
|
PY_DISTVERSION= 2.6.8
|
|
DISTNAME= Python-${PY_DISTVERSION}
|
|
EXTRACT_SUFX= .tar.bz2
|
|
DISTINFO_FILE= ${.CURDIR}/../../lang/python26/distinfo
|
|
PATCHDIR= ${.CURDIR}/../../lang/python26/patches
|
|
MASTER_SITES= http://www.python.org/ftp/python/${PY_DISTVERSION}/
|