bug#46631: Python CVE-2021-3177

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#46631: Python CVE-2021-3177

From:	Ludovic Courtès
Subject:	bug#46631: Python CVE-2021-3177
Date:	Mon, 22 Feb 2021 09:08:14 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Hi Leo,

Leo Famulari <leo@famulari.name> skribis:

> From b62969d52add462fc1b8b4bd1e0a3c4d53a39864 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Fri, 19 Feb 2021 18:09:57 -0500
> Subject: [PATCH] gnu: Python: Fix CVE-2021-3177.
>
> * gnu/packages/patches/python-3.8-CVE-2021-3177.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/python.scm (python-3.8): Define with PACKAGE/INHERIT.
> [replacement]: New field.
> (python-3.8/fixed): New variable.

[...]

>  (define-public python-3.8
> -  (package (inherit python-2)
> +  (package/inherit python-2
>      (name "python")
> +    (replacement python-3.8/fixed)

You can keep (inherit …) because the effect of ‘package/inherit’ is just
to preserve replacements, which is unnecessary here.

Apart from that, the Guix side of things LGTM.

Thanks for working on it!

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#46631: Python CVE-2021-3177, Leo Famulari, 2021/02/18
- bug#46631: Python CVE-2021-3177, Ludovic Courtès, 2021/02/19
- bug#46631: Python CVE-2021-3177, Leo Famulari, 2021/02/19
  - bug#46631: Python CVE-2021-3177, Leo Famulari, 2021/02/19
    - bug#46631: Python CVE-2021-3177, Leo Famulari, 2021/02/19
    - bug#46631: Python CVE-2021-3177, Ludovic Courtès <=
    - bug#46631: Python CVE-2021-3177, Leo Famulari, 2021/02/23

Prev by Date: bug#46691: tmux
Next by Date: bug#46691: tmux
Previous by thread: bug#46631: Python CVE-2021-3177
Next by thread: bug#46631: Python CVE-2021-3177
Index(es):
- Date
- Thread