[Python-modules-commits] r26375 - in packages/python-tornado/trunk/debian (7 files)

jtaylor-guest at users.alioth.debian.org jtaylor-guest at users.alioth.debian.org
Sun Nov 3 18:23:00 UTC 2013 

    Date: Sunday, November 3, 2013 @ 18:22:58
  Author: jtaylor-guest
Revision: 26375

drop upstream applied random-port.patch and CVE-2013-2099.patch

Modified:
  packages/python-tornado/trunk/debian/changelog
  packages/python-tornado/trunk/debian/patches/certs-path.patch
  packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch
  packages/python-tornado/trunk/debian/patches/ignoreuserwarning.patch
  packages/python-tornado/trunk/debian/patches/series
Deleted:
  packages/python-tornado/trunk/debian/patches/CVE-2013-2099.patch
  packages/python-tornado/trunk/debian/patches/random-port.patch

Modified: packages/python-tornado/trunk/debian/changelog
===================================================================
--- packages/python-tornado/trunk/debian/changelog	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/changelog	2013-11-03 18:22:58 UTC (rev 26375)
@@ -1,6 +1,7 @@
 python-tornado (3.1.1-1) unstable; urgency=low
 
   * New upstream release (Closes: #711806)
+  * drop upstream applied random-port.patch and CVE-2013-2099.patch
 
  -- Julian Taylor <jtaylor.debian at googlemail.com>  Sun, 03 Nov 2013 18:48:51 +0100
 

Deleted: packages/python-tornado/trunk/debian/patches/CVE-2013-2099.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/CVE-2013-2099.patch	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/patches/CVE-2013-2099.patch	2013-11-03 18:22:58 UTC (rev 26375)
@@ -1,33 +0,0 @@
-From a9c94f322e691d48151c1eb67f2742a39ad3ab46 Mon Sep 17 00:00:00 2001
-From: Ben Darnell <ben at bendarnell.com>
-Date: Thu, 23 May 2013 23:57:30 -0400
-Subject: [PATCH] Backport changes from ssl.match_hostname in Python 3.3.
-Origin: upstream, https://github.com/facebook/tornado/commit/a9c94f322e691d48151c1eb67f2742a39ad3ab46
-Bug: https://github.com/facebook/tornado/issues/799
-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069
-
-* Fix potential CPU DoS via abusive wildcard pattern
-  http://hg.python.org/cpython/rev/fafd33db6ff6
-
----
-
---- python-tornado-2.4.1.orig/tornado/simple_httpclient.py
-+++ python-tornado-2.4.1/tornado/simple_httpclient.py
-@@ -486,9 +486,16 @@ class CertificateError(ValueError):
-     pass
- 
- 
--def _dnsname_to_pat(dn):
-+def _dnsname_to_pat(dn, max_wildcards=1):
-     pats = []
-     for frag in dn.split(r'.'):
-+        if frag.count('*') > max_wildcards:
-+            # Issue #17980: avoid denials of service by refusing more
-+            # than one wildcard per fragment.  A survery of established
-+            # policy among SSL implementations showed it to be a
-+            # reasonable choice.
-+            raise CertificateError(
-+                "too many wildcards in certificate DNS name: " + repr(dn))
-         if frag == '*':
-             # When '*' is a fragment by itself, it matches a non-empty dotless
-             # fragment.

Modified: packages/python-tornado/trunk/debian/patches/certs-path.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/certs-path.patch	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/patches/certs-path.patch	2013-11-03 18:22:58 UTC (rev 26375)
@@ -3,9 +3,9 @@
 
 --- a/tornado/simple_httpclient.py
 +++ b/tornado/simple_httpclient.py
-@@ -32,7 +32,10 @@
+@@ -30,7 +30,10 @@ try:
  except ImportError:
-     ssl = None
+     import urllib.parse as urlparse  # py3
  
 -_DEFAULT_CA_CERTS = os.path.dirname(__file__) + '/ca-certificates.crt'
 +if os.path.exists('/etc/ssl/certs/ca-certificates.crt'):

Modified: packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/patches/ignore-ca-certificates.patch	2013-11-03 18:22:58 UTC (rev 26375)
@@ -3,7 +3,7 @@
 
 --- a/setup.py
 +++ b/setup.py
-@@ -44,7 +44,7 @@
+@@ -35,7 +35,7 @@ distutils.core.setup(
      version=version,
      packages = ["tornado", "tornado.test", "tornado.platform"],
      package_data = {

Modified: packages/python-tornado/trunk/debian/patches/ignoreuserwarning.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/ignoreuserwarning.patch	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/patches/ignoreuserwarning.patch	2013-11-03 18:22:58 UTC (rev 26375)
@@ -3,7 +3,7 @@
  Else one gets check_version_conflict warning from pkg_resources.
 --- a/tornado/test/runtests.py
 +++ b/tornado/test/runtests.py
-@@ -47,6 +47,7 @@
+@@ -72,6 +72,7 @@ if __name__ == '__main__':
      # setuptools sometimes gives ImportWarnings about things that are on
      # sys.path even if they're not being used.
      warnings.filterwarnings("ignore", category=ImportWarning)

Deleted: packages/python-tornado/trunk/debian/patches/random-port.patch
===================================================================
--- packages/python-tornado/trunk/debian/patches/random-port.patch	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/patches/random-port.patch	2013-11-03 18:22:58 UTC (rev 26375)
@@ -1,20 +0,0 @@
-Description: get random free port
-Author: Julian Taylor <jtaylor.debian at googlemail.com>
---- python-tornado-2.4.1.orig/tornado/testing.py
-+++ python-tornado-2.4.1/tornado/testing.py
-@@ -47,10 +47,11 @@ _next_port = 10000
- 
- 
- def get_unused_port():
--    """Returns a (hopefully) unused port number."""
--    global _next_port
--    port = _next_port
--    _next_port = _next_port + 1
-+    import socket
-+    s = socket.socket()
-+    s.bind(('', 0))
-+    port = s.getsockname()[1]
-+    s.close()
-     return port
- 
- 

Modified: packages/python-tornado/trunk/debian/patches/series
===================================================================
--- packages/python-tornado/trunk/debian/patches/series	2013-11-03 18:22:53 UTC (rev 26374)
+++ packages/python-tornado/trunk/debian/patches/series	2013-11-03 18:22:58 UTC (rev 26375)
@@ -1,5 +1,3 @@
 ignore-ca-certificates.patch
 certs-path.patch
 ignoreuserwarning.patch
-random-port.patch
-CVE-2013-2099.patch

More information about the Python-modules-commits mailing list