authorRaphael Kubo da Costa <rakuco@FreeBSD.org>2016-01-17 12:03:37 +0000
committerRaphael Kubo da Costa <rakuco@FreeBSD.org>2016-01-17 12:03:37 +0000
commit736773e0b4f9df0b4f8a81474e8633d193556de5 (patch)
tree8112075816fb97541f196d0e9da5b126c175d09d /textproc/py-pygments
parent5b98991e661c4f558ce9b20f6d82b25c775b6fdc (diff)
Add upstream patch to fix CVE-2015-8557.
PR: 206072 Approved by: ports-secteam (miwi) Security: 5f276780-b6ce-11e5-9731-5453ed2e2b49
Notes
Notes: svn path=/head/; revision=406304
Diffstat (limited to 'textproc/py-pygments')
-rw-r--r--textproc/py-pygments/Makefile1
-rw-r--r--textproc/py-pygments/files/patch-CVE-2015-855749
2 files changed, 50 insertions, 0 deletions
diff --git a/textproc/py-pygments/Makefile b/textproc/py-pygments/Makefile
index 5cbc48df6a23..2206450974d5 100644
--- a/textproc/py-pygments/Makefile
+++ b/textproc/py-pygments/Makefile
@@ -3,6 +3,7 @@
PORTNAME= pygments
PORTVERSION= 2.0.2
+PORTREVISION= 1
CATEGORIES= textproc python
MASTER_SITES= CHEESESHOP
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
diff --git a/textproc/py-pygments/files/patch-CVE-2015-8557 b/textproc/py-pygments/files/patch-CVE-2015-8557
new file mode 100644
index 000000000000..0a6bd2a93fce
--- /dev/null
+++ b/textproc/py-pygments/files/patch-CVE-2015-8557
@@ -0,0 +1,49 @@
+# HG changeset patch
+# User Tim Hatch <tim@timhatch.com>
+# Date 1445007300 25200
+# Node ID 0036ab1c99e256298094505e5e92fdacdfc5b0a8
+# Parent c0c0d4049a7c325cd69b764c6ceb7747d319212d
+Avoid the shell entirely when finding fonts.
+
+Manually tested on OS X.
+
+--- pygments/formatters/img.py.orig 2014-11-10 19:17:51 UTC
++++ pygments/formatters/img.py
+@@ -15,6 +15,8 @@ from pygments.formatter import Formatter
+ from pygments.util import get_bool_opt, get_int_opt, get_list_opt, \
+ get_choice_opt, xrange
+
++import subprocess
++
+ # Import this carefully
+ try:
+ from PIL import Image, ImageDraw, ImageFont
+@@ -75,14 +77,11 @@ class FontManager(object):
+ self._create_nix()
+
+ def _get_nix_font_path(self, name, style):
+- try:
+- from commands import getstatusoutput
+- except ImportError:
+- from subprocess import getstatusoutput
+- exit, out = getstatusoutput('fc-list "%s:style=%s" file' %
+- (name, style))
+- if not exit:
+- lines = out.splitlines()
++ proc = subprocess.Popen(['fc-list', "%s:style=%s" % (name, style), 'file'],
++ stdout=subprocess.PIPE, stderr=None)
++ stdout, _ = proc.communicate()
++ if proc.returncode == 0:
++ lines = stdout.splitlines()
+ if lines:
+ path = lines[0].strip().strip(':')
+ return path
+@@ -197,7 +196,7 @@ class ImageFormatter(Formatter):
+ bold and italic fonts will be generated. This really should be a
+ monospace font to look sane.
+
+- Default: "Bitstream Vera Sans Mono"
++ Default: "Bitstream Vera Sans Mono" on Windows, Courier New on *nix
+
+ `font_size`
+ The font size in points to be used.
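Review bot: In the embedded patch's `_get_nix_font_path`, `proc.communicate()` returns bytes on Python 3, so `lines[0].strip().strip(':')` raises TypeError there, whereas the removed `getstatusoutput` returned text; adding `universal_newlines=True` to the `subprocess.Popen(...)` call keeps `stdout` a str on both Python 2 and 3. `Popen` also raises OSError when `fc-list` is not installed, while the old shell call only produced a non-zero status, so the call should sit inside `try:` / `except OSError:` and be treated like a failed lookup. The list form removes the shell from the lookup, but the pattern argument still begins with the caller-supplied font name, so a name starting with `-` would presumably be parsed by fc-list as an option; putting a `'--'` element before the pattern would prevent that, assuming fc-list follows the usual getopt convention. The rest of `_get_nix_font_path` lies outside the inner hunk, so the fall-through behaviour after a failed lookup is not visible here.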