python: Fix CVE-2021-3177

A buffer overflow can occur when calling c_double.from_param().

Advance to python-2.7.5-92.el7_9.src.rpm.  Fixes CVE-2019-20907,
CVE-2020-26116, and CVE-2022-0391 as well.

=== Testing
Build and boot iso; log in.

$ python
>>> from ctypes import c_double
>>> c_double.from_param(1e300)

The last line will cause python to abort if the fix
has not been applied.

Ran ansible to provision system.  Unlocked.  Rebooted to unlocked
and enabled host-list status.
===

Closes-bug: 1987927
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Change-Id: Idbc681581b48e05ebacdfe873d95d0a342a232ea
Joe Slater 2022-08-26 11:46:44 -04:00
parent 8a29c2a107
commit 110035d8fc
3 changed files with 4 additions and 4 deletions
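
The check from the Testing steps above, wrapped so it can be scripted against a built image. This is an added example, not part of the commit: `PROBE`, `classify` and `check_interpreter` are names made up here, and the verdict assumes an unfixed build aborts as the commit message describes.

```python
import os
import subprocess
import sys

# The two statements from the commit's test steps. repr() stands in for the
# interactive prompt echoing the result, which is where the value gets formatted.
PROBE = "from ctypes import c_double; repr(c_double.from_param(1e300))"


def classify(returncode):
    """Map the child interpreter's exit status to a verdict."""
    if returncode == 0:
        return "patched"
    if returncode < 0:
        # On POSIX a negative status means the child was killed by a signal
        # (SIGABRT when the interpreter aborts).
        return "vulnerable (killed by signal %d)" % -returncode
    # A positive status means the probe itself failed, e.g. ctypes is missing.
    return "inconclusive (exit status %d)" % returncode


def check_interpreter(python=sys.executable, probe=PROBE):
    """Run the probe in a child process so an abort cannot take down the caller."""
    with open(os.devnull, "w") as devnull:
        rc = subprocess.call([python, "-c", probe], stdout=devnull, stderr=devnull)
    return classify(rc)


if __name__ == "__main__":
    # Optional argument: path of the interpreter to test (assumed usage).
    target = sys.argv[1] if len(sys.argv) > 1 else sys.executable
    print("%s: %s" % (target, check_interpreter(target)))
```

The script uses only calls available in both Python 2.7 and Python 3, so it can be run by the interpreter under test or pointed at another one by path.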

@ -1,3 +1,3 @@
bash-4.2.46-34.el7.src.rpm
expat-2.1.0-14.el7_9.src.rpm
python-2.7.5-89.el7.src.rpm
python-2.7.5-92.el7_9.src.rpm
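
Review bot: the new python-2.7.5-92.el7_9 entry is taken on for four CVEs according to the commit message, but the test steps exercise only the c_double.from_param() case. Consider adding a quick check for at least one of CVE-2019-20907, CVE-2020-26116 or CVE-2022-0391, or say in the message that those are accepted on the strength of the upstream package changelog.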

@ -15,8 +15,8 @@ index 2af363e..c3706be 100644
Name: %{python}
# Remember to also rebase python-docs when changing this:
Version: 2.7.5
-Release: 89%{?dist}
+Release: 89.el7%{?_tis_dist}.%{tis_patch_ver}
-Release: 92%{?dist}
+Release: 92.el7_9%{?_tis_dist}.%{tis_patch_ver}
License: Python
Group: Development/Languages
Requires: %{python}-libs%{?_isa} = %{version}-%{release}
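
Review bot: the new Release value hard-codes `92.el7_9`, so the upstream release string now has to be bumped by hand in three places (this line, the SRPM list and the mirror path), and nothing here flags a mismatch between them. A one-line reminder in the commit message or next to this line would help the next rebase. It is also worth confirming that the rest of this patch still applies cleanly to the 92.el7_9 spec, since the context around the Release line (`index 2af363e..c3706be`) is carried over unchanged from the 89 version.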

@ -1,2 +1,2 @@
mirror:Source/python-2.7.5-89.el7.src.rpm
mirror:Source/python-2.7.5-92.el7_9.src.rpm
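
Review bot: the mirror entry identifies the SRPM by filename only, with no digest on the line, so nothing here ties the build to the exact python-2.7.5-92.el7_9 package that was tested. If the download tooling accepts a checksum for mirror entries, add it here; otherwise record the SRPM's hash in the commit message so the input can be verified later.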