diff options
author | Saul Wold <sgw@linux.intel.com> | 2013-08-29 11:54:17 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-08-30 18:06:27 +0100 |
commit | 4606eab53e8eff57d6369ea20a5ea63916ea3ea7 (patch) | |
tree | 7b50c485a6e4c9785b749352bbf5de4b2d9fa606 /meta/recipes-devtools/python/python/pypirc-secure.patch | |
parent | b6c286c447e50fe499f03b64c6be80ac18504265 (diff) | |
download | openembedded-core-4606eab53e8eff57d6369ea20a5ea63916ea3ea7.tar.gz |
python: Backport 2 CVE from upstream
These are back ports of 2 patches from upstream to address
CVE-2011-4944
CVE-2013-4238
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'meta/recipes-devtools/python/python/pypirc-secure.patch')
-rw-r--r-- | meta/recipes-devtools/python/python/pypirc-secure.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python/pypirc-secure.patch b/meta/recipes-devtools/python/python/pypirc-secure.patch new file mode 100644 index 0000000000..8e2df677b6 --- /dev/null +++ b/meta/recipes-devtools/python/python/pypirc-secure.patch @@ -0,0 +1,35 @@ +# HG changeset patch +# User Philip Jenvey <pjenvey@underboss.org> +# Date 1322701507 28800 +# Branch 2.7 +# Node ID e7c20a8476a0e2ca18f8040864cbc400818d8f24 +# Parent 3ecddf168f1f554a17a047384fe0b02f2d688277 +create the .pypirc securely + +Upstream-Status: Backport + +Signed-off-by: Saul Wold <sgw@linux.intel.com> + + +diff -r 3ecddf168f1f -r e7c20a8476a0 Lib/distutils/config.py +--- a/Lib/distutils/config.py Tue Nov 29 00:53:09 2011 +0100 ++++ b/Lib/distutils/config.py Wed Nov 30 17:05:07 2011 -0800 +@@ -42,16 +42,8 @@ + def _store_pypirc(self, username, password): + """Creates a default .pypirc file.""" + rc = self._get_rc_file() +- f = open(rc, 'w') +- try: +- f.write(DEFAULT_PYPIRC % (username, password)) +- finally: +- f.close() +- try: +- os.chmod(rc, 0600) +- except OSError: +- # should do something better here +- pass ++ with os.fdopen(os.open(rc, os.O_CREAT | os.O_WRONLY, 0600), 'w') as fp: ++ fp.write(DEFAULT_PYPIRC % (username, password)) + + def _read_pypirc(self): + """Reads the .pypirc file.""" |