diff --git a/python-crypto-fix_buffer_overflow.patch b/python-crypto-fix_buffer_overflow.patch new file mode 100644 index 0000000..b16a307 --- /dev/null +++ b/python-crypto-fix_buffer_overflow.patch @@ -0,0 +1,24 @@ +diff -Naur pycrypto-2.0.1.org/src/ARC2.c pycrypto-2.0.1/src/ARC2.c +--- pycrypto-2.0.1.org/src/ARC2.c 2009-02-13 17:08:30.000000000 +0100 ++++ pycrypto-2.0.1/src/ARC2.c 2009-02-13 17:08:47.000000000 +0100 +@@ -11,6 +11,7 @@ + */ + + #include ++#include "Python.h" + + #define MODULE_NAME ARC2 + #define BLOCK_SIZE 8 +@@ -146,6 +147,12 @@ + We'll hardwire it to 1024. */ + #define bits 1024 + ++ if ((U32)keylength > sizeof(self->xkey)) { ++ PyErr_SetString(PyExc_ValueError, ++ "ARC2 key length must be less than 128 bytes"); ++ return; ++ } ++ + memcpy(self->xkey, key, keylength); + + /* Phase 1: Expand input key to 128 bytes */ diff --git a/python-crypto-x86_64-buildfix.patch b/python-crypto-x86_64-buildfix.patch deleted file mode 100644 index 2878fe4..0000000 --- a/python-crypto-x86_64-buildfix.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- setup.py.old 2004-12-18 12:52:44.031165688 +0100 -+++ setup.py 2004-12-18 12:54:16.861053400 +0100 -@@ -116,7 +116,7 @@ - build_ext.build_extensions(self) - - def detect_modules (self): -- lib_dirs = self.compiler.library_dirs + ['/lib', '/usr/lib'] -+ lib_dirs = self.compiler.library_dirs + ['/lib64', '/usr/lib64'] - inc_dirs = self.compiler.include_dirs + ['/usr/include'] - exts = [] - if (self.compiler.find_library_file(lib_dirs, 'gmp')): diff --git a/python-crypto.spec b/python-crypto.spec index aafcd84..521f3b7 100644 --- a/python-crypto.spec +++ b/python-crypto.spec @@ -4,18 +4,23 @@ Summary: Cryptography library for Python Name: python-crypto Version: 2.0.1 -Release: 4%{?dist} -License: Python License (CNRI Python License) +Release: 4%{?dist}.1 +License: Public Domain Group: Development/Libraries URL: http://www.amk.ca/python/code/crypto.html Source: http://www.amk.ca/files/python/crypto/pycrypto-2.0.1.tar.gz -Patch0: %{name}-x86_64-buildfix.patch +# patch taken from +# http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d1c4875e1f220652fe7ff8358f56dee3b2aba31b +Patch0: %{name}-fix_buffer_overflow.patch + BuildRequires: python >= 2.2 BuildRequires: python-devel >= 2.2 BuildRequires: gmp-devel >= 4.1 BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot-%(%{__id_u} -n) Requires: python-abi = %(%{__python} -c "import sys ; print sys.version[:3]") +Provides: pycrypto = %{version}-%{release} + %description Python-crypto is a collection of both secure hash functions (such as MD5 and SHA), and various encryption algorithms (AES, DES, IDEA, RSA, ElGamal, @@ -24,10 +29,8 @@ etc.). %prep %setup -n pycrypto-%{version} -q -%ifarch x86_64 -%patch0 -b .patch0 -%endif - +sed -i s:/lib:/%_lib:g setup.py +%patch0 -b .patch0 -p1 %build CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build @@ -64,6 +67,12 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Feb 13 2009 Thorsten Leemhuis - 2.0.1-4.1 +- some improvements from fedora branch +-- add patch to fix #485298 / CVE-2009-0544 +-- provide pycrypto +-- drop patch0 and fix libdir handling so it works on more arches than x86_64 + * Thu Sep 07 2006 Thorsten Leemhuis - 2.0.1-4 - Don't ghost pyo files (#205408)