[Python-apps-commits] r11642 - in packages/mercurial/branches/jessie/debian/patches (3 files)
vicho at users.alioth.debian.org
vicho at users.alioth.debian.org
Tue Dec 23 09:33:37 UTC 2014
Date: Tuesday, December 23, 2014 @ 09:33:36
Author: vicho
Revision: 11642
Drop patches not needed for CVE-2014-9390
Matt Mackall said in an email to mercurial-packaging that the minimal set is:
- http://selenic.com/repo/hg-stable/rev/885bd7c5c7e3
- http://selenic.com/repo/hg-stable/rev/c02a05cc6f5e
- http://selenic.com/repo/hg-stable/rev/6dad422ecc5a
Modified:
packages/mercurial/branches/jessie/debian/patches/series
Deleted:
packages/mercurial/branches/jessie/debian/patches/from_upstream__darwin_omit_ignorable_codepoints_when_normcaseing_a_file_path.patch
packages/mercurial/branches/jessie/debian/patches/from_upstream__test-casefolding_t_demonstrate_a_bug_with_HFS_ignoring_some_codepoints.patch
Deleted: packages/mercurial/branches/jessie/debian/patches/from_upstream__darwin_omit_ignorable_codepoints_when_normcaseing_a_file_path.patch
===================================================================
--- packages/mercurial/branches/jessie/debian/patches/from_upstream__darwin_omit_ignorable_codepoints_when_normcaseing_a_file_path.patch 2014-12-22 10:37:17 UTC (rev 11641)
+++ packages/mercurial/branches/jessie/debian/patches/from_upstream__darwin_omit_ignorable_codepoints_when_normcaseing_a_file_path.patch 2014-12-23 09:33:36 UTC (rev 11642)
@@ -1,46 +0,0 @@
-Origin: http://selenic.com/repo/hg-stable/rev/7a5bcd471f2e
-Description: darwin: omit ignorable codepoints when normcase()ing a file path
- This lets us avoid some nasty case collision problems in OS X with
- invisible codepoints.
- .
- This is a fix for CVE-2014-9390
-Applied-Upstream: 3.2.3
-
---- a/mercurial/posix.py
-+++ b/mercurial/posix.py
-@@ -204,6 +204,7 @@ if sys.platform == 'darwin':
- - escape-encode invalid characters
- - decompose to NFD
- - lowercase
-+ - omit ignored characters [200c-200f, 202a-202e, 206a-206f,feff]
-
- >>> normcase('UPPER')
- 'upper'
-@@ -262,7 +263,9 @@ if sys.platform == 'darwin':
- u = s.decode('utf-8')
-
- # Decompose then lowercase (HFS+ technote specifies lower)
-- return unicodedata.normalize('NFD', u).lower().encode('utf-8')
-+ enc = unicodedata.normalize('NFD', u).lower().encode('utf-8')
-+ # drop HFS+ ignored characters
-+ return encoding.hfsignoreclean(enc)
-
- if sys.platform == 'cygwin':
- # workaround for cygwin, in which mount point part of path is
---- a/tests/test-casefolding.t
-+++ b/tests/test-casefolding.t
-@@ -200,12 +200,11 @@ case changes.
- We assume anyone running the tests on a case-insensitive volume on OS
- X will be using HFS+. If that's not true, this test will fail.
-
--Bug: some codepoints are to be ignored on HFS+:
--
- $ rm A
- >>> open(u'a\u200c'.encode('utf-8'), 'w').write('unicode is fun')
- $ hg status
- M A
-- ? a\xe2\x80\x8c (esc)
-+
- #endif
-+
- $ cd ..
Deleted: packages/mercurial/branches/jessie/debian/patches/from_upstream__test-casefolding_t_demonstrate_a_bug_with_HFS_ignoring_some_codepoints.patch
===================================================================
--- packages/mercurial/branches/jessie/debian/patches/from_upstream__test-casefolding_t_demonstrate_a_bug_with_HFS_ignoring_some_codepoints.patch 2014-12-22 10:37:17 UTC (rev 11641)
+++ packages/mercurial/branches/jessie/debian/patches/from_upstream__test-casefolding_t_demonstrate_a_bug_with_HFS_ignoring_some_codepoints.patch 2014-12-23 09:33:36 UTC (rev 11642)
@@ -1,26 +0,0 @@
-Origin: http://selenic.com/repo/hg-stable/rev/035434b407be
-Description: test-casefolding.t: demonstrate a bug with HFS+ ignoring some codepoints
- This is a fix for CVE-2014-9390
-Applied-Upstream: 3.2.3
-
-diff --git a/tests/test-casefolding.t b/tests/test-casefolding.t
---- a/tests/test-casefolding.t
-+++ b/tests/test-casefolding.t
-@@ -195,4 +195,17 @@ case changes.
- $ hg qrefresh a # issue 3271, qrefresh with file handled case wrong
- $ hg status # empty status means the qrefresh worked
-
-+#if osx
-+
-+We assume anyone running the tests on a case-insensitive volume on OS
-+X will be using HFS+. If that's not true, this test will fail.
-+
-+Bug: some codepoints are to be ignored on HFS+:
-+
-+ $ rm A
-+ >>> open(u'a\u200c'.encode('utf-8'), 'w').write('unicode is fun')
-+ $ hg status
-+ M A
-+ ? a\xe2\x80\x8c (esc)
-+#endif
- $ cd ..
Modified: packages/mercurial/branches/jessie/debian/patches/series
===================================================================
--- packages/mercurial/branches/jessie/debian/patches/series 2014-12-22 10:37:17 UTC (rev 11641)
+++ packages/mercurial/branches/jessie/debian/patches/series 2014-12-23 09:33:36 UTC (rev 11642)
@@ -9,8 +9,6 @@
for_upstream__dont_rm_usr_bin_python_when_running_testsuite.patch
for_upstream__lenient_test-shelve.patch
from_upstream__test-patchbomb_t_work_around_Python_change_d579866d6419_issue4188.patch
-from_upstream__test-casefolding_t_demonstrate_a_bug_with_HFS_ignoring_some_codepoints.patch
from_upstream__encoding_add_hfsignoreclean_to_clean_out_HFS-ignored_characters.patch
from_upstream__pathauditor_check_for_codepoints_ignored_on_OS_X.patch
-from_upstream__darwin_omit_ignorable_codepoints_when_normcaseing_a_file_path.patch
from_upstream__pathauditor_check_for_Windows_shortname_aliases.patch
More information about the Python-apps-commits
mailing list