updating qscintilla with gentoo settings, python3 3.3.2 update

python3/CVE-2013-2099.patch

@@ -0,0 +1,50 @@
+# HG changeset patch
+# User Antoine Pitrou <solipsis@pitrou.net>
+# Date 1368892602 -7200
+# Node ID c627638753e2d25a98950585b259104a025937a9
+# Parent  9682241dc8fcb4b1aef083bd30860efa070c3d6d
+Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
+
+diff --git a/Lib/ssl.py b/Lib/ssl.py
+--- a/Lib/ssl.py
++++ b/Lib/ssl.py
+@@ -129,9 +129,16 @@ class CertificateError(ValueError):
+     pass
+
+
+-def _dnsname_to_pat(dn):
++def _dnsname_to_pat(dn, max_wildcards=1):
+     pats = []
+     for frag in dn.split(r'.'):
++        if frag.count('*') > max_wildcards:
++            # Issue #17980: avoid denials of service by refusing more
++            # than one wildcard per fragment.  A survery of established
++            # policy among SSL implementations showed it to be a
++            # reasonable choice.
++            raise CertificateError(
++                "too many wildcards in certificate DNS name: " + repr(dn))
+         if frag == '*':
+             # When '*' is a fragment by itself, it matches a non-empty dotless
+             # fragment.
+diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
+--- a/Lib/test/test_ssl.py
++++ b/Lib/test/test_ssl.py
+@@ -349,6 +349,17 @@ class BasicSocketTests(unittest.TestCase
+         self.assertRaises(ValueError, ssl.match_hostname, None, 'example.com')
+         self.assertRaises(ValueError, ssl.match_hostname, {}, 'example.com')
+
++        # Issue #17980: avoid denials of service by refusing more than one
++        # wildcard per fragment.
++        cert = {'subject': ((('commonName', 'a*b.com'),),)}
++        ok(cert, 'axxb.com')
++        cert = {'subject': ((('commonName', 'a*b.co*'),),)}
++        ok(cert, 'axxb.com')
++        cert = {'subject': ((('commonName', 'a*b*.com'),),)}
++        with self.assertRaises(ssl.CertificateError) as cm:
++            ssl.match_hostname(cert, 'axxbxxc.com')
++        self.assertIn("too many wildcards", str(cm.exception))
++
+     def test_server_side(self):
+         # server_hostname doesn't work for server sockets
+         ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+

python3/PKGBUILD

@@ -1,6 +1,6 @@
 
 pkgname=python3
-pkgver=3.3.1
+pkgver=3.3.2
 pkgrel=1
 _pybasever=3.3
 pkgdesc="Next generation of the python high-level scripting language"
@@ -11,21 +11,22 @@ depends=('expat' 'bzip2' 'gdbm' 'openssl' 'libffi' 'zlib')
 makedepends=('tk' 'sqlite3' 'valgrind')
 optdepends=('tk: for tkinter')
 options=('!makeflags')
-source=("http://www.python.org/ftp/python/${pkgver}/Python-${pkgver}.tar.bz2")
-md5sums=('fb7147a15359a941e0b048c641fd7123')  
+source=("http://www.python.org/ftp/python/${pkgver}/Python-${pkgver}.tar.bz2"
+        'CVE-2013-2099.patch')
+md5sums=('7dffe775f3bea68a44f762a3490e5e28'
+         '046c164b0a549bdac00bdd28cccd7ba1')  
 
 build() {
   cd "${srcdir}/Python-${pkgver}"
 
   sed -i -e "s|^#.* /usr/local/bin/python|#!/usr/bin/python|" Lib/cgi.py
 
-  # Ensure that we are using the system copy of various libraries (expat, zlib and libffi),
-  # rather than copies shipped in the tarball
-
+  # Use the system copy of various libraries (expat, zlib and libffi)rather than copies shipped  
   rm -r Modules/expat
   rm -r Modules/zlib
   rm -r Modules/_ctypes/{darwin,libffi}*
-
+
+  patch -p1 -i ${srcdir}/CVE-2013-2099.patch
 
   ./configure --prefix=/usr \
               --enable-shared \
@@ -43,7 +44,7 @@ build() {
 #check() {
 #  cd "${srcdir}/Python-${pkgver}"
 #  LD_LIBRARY_PATH="${srcdir}/Python-${pkgver}":${LD_LIBRARY_PATH} \
-#     "${srcdir}/Python-${pkgver}/python" -m test.regrtest -x test_distutils test_site
+#     "${srcdir}/Python-${pkgver}/python" -m test.regrtest -x test_posixpath test_logging
 #}
 
 package() {

qscintilla/PKGBUILD

@@ -1,52 +1,42 @@
 
-pkgbase=qscintilla
-pkgname=('qscintilla' 'python2-qscintilla')
-pkgver=2.7
-pkgrel=2
+pkgname=qscintilla
+#pkgname=('qscintilla' 'python2-qscintilla')
+pkgver=2.7.1
+pkgrel=1
 license=('GPL')
 arch=('x86_64')
 url="http://www.riverbankcomputing.co.uk/software/qscintilla/intro"
 makedepends=('pyqt' 'chrpath')
 source=("http://downloads.sourceforge.net/pyqt/QScintilla-gpl-${pkgver}.tar.gz"
-        'configure.py-objdir-support.diff')
-md5sums=('a3857d75a2b332e0460131e0aa4cc4b5'
-         '8cf9c06252e2f11ab00e62848e322fd3')
+        'designer.patch')
+md5sums=('da8939b5679a075e30c6632e54dc5abf'
+         '95dc2978c35cfa94350e3310e1d295ea')
 
 build() {
     cd $srcdir/QScintilla-gpl-$pkgver
-    patch -p1 -i "${srcdir}/configure.py-objdir-support.diff"
+    patch -p0 -i "${srcdir}/designer.patch"
 
     cd Qt4Qt5
     qmake qscintilla.pro
     make
 
-    cd ../designer-Qt4
+    cd ../designer-Qt4Qt5
     qmake designer.pro INCLUDEPATH+=../Qt4Qt5 QMAKE_LIBDIR+=../Qt4Qt5
     make
 
-    cd ../Python
-    python2 configure.py -n ../Qt4Qt5/ -o ../Qt4Qt5 -c -p 4 
-    make
+    #cd ../Python
+    #python2 configure.py -n ../Qt4Qt5/ -o ../Qt4Qt5 -c -p 4 
+    #make
 }
 
-package_qscintilla() {
+package() {
     pkgdesc="A port to Qt of Neil Hodgson's Scintilla C++ editor class"
     depends=('qt')
 
     cd ${srcdir}/QScintilla-gpl-${pkgver}/Qt4Qt5
     make DESTDIR="${pkgdir}" INSTALL_ROOT="${pkgdir}" install
 
-    cd ${srcdir}/QScintilla-gpl-${pkgver}/designer-Qt4
+    cd ${srcdir}/QScintilla-gpl-${pkgver}/designer-Qt4Qt5
     make DESTDIR="${pkgdir}" INSTALL_ROOT="${pkgdir}" install
 }
 
-package_python2-qscintilla() {
-    pkgdesc="Python bindings for QScintilla2"
-    conflicts=('python-qscintilla')
-    replaces=('python-qscintilla')
-    provides=('python-qscintilla')
-    depends=('qscintilla' 'pyqt')
-
-    cd "${srcdir}/QScintilla-gpl-${pkgver}/Python"
-    make DESTDIR="${pkgdir}" INSTALL_ROOT="${pkgdir}" install
-}

qscintilla/designer.patch

@@ -0,0 +1,10 @@
+--- designer-Qt4Qt5/designer.pro
++++ designer-Qt4Qt5/designer.pro
+@@ -26,4 +26,5 @@
+ target.path = $$[QT_INSTALL_PLUGINS]/designer
+ INSTALLS += target
+
+-LIBS += -L$$[QT_INSTALL_LIBS] -lqscintilla2
++INCLUDEPATH = ../Qt4Qt5
++LIBS += -L../Qt4Qt5 -lqscintilla2
+