diff --git a/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/Manifest b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/Manifest new file mode 100644 index 0000000000..360375ff28 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/Manifest @@ -0,0 +1 @@ +DIST pyyaml-5.3.1.gh.tar.gz 168044 BLAKE2B 2acc62ecc7448925eb340c2555001c8a74bd883d720b992d6deaea890b4eac435e4ae02eb129db3a6778c0be21a231fa9d96ee8ae59a4a39bc49961e5fb0d6ab SHA512 27d97e8493c7660c7c0c471e20a8aa46c85431e4559a98bcbdafc2bd89a67fd04c6f2090e54ff6b206c868b33635ef8be68070a4c25d17a25c97fd5ad3549556 diff --git a/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch new file mode 100644 index 0000000000..28626ba9e9 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/files/pyyaml-5.1-cve-2017-18342.patch @@ -0,0 +1,40 @@ +diff --git a/lib/yaml/__init__.py b/lib/yaml/__init__.py +index e7a419d..5f80761 100644 +--- a/lib/yaml/__init__.py ++++ b/lib/yaml/__init__.py +@@ -106,6 +106,7 @@ def load(stream, Loader=None): + and produce the corresponding Python object. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load') + Loader = FullLoader + +@@ -121,6 +122,7 @@ def load_all(stream, Loader=None): + and produce corresponding Python objects. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load_all') + Loader = FullLoader + +diff --git a/lib3/yaml/__init__.py b/lib3/yaml/__init__.py +index 5df0bb5..6952ba5 100644 +--- a/lib3/yaml/__init__.py ++++ b/lib3/yaml/__init__.py +@@ -106,6 +106,7 @@ def load(stream, Loader=None): + and produce the corresponding Python object. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load') + Loader = FullLoader + +@@ -121,6 +122,7 @@ def load_all(stream, Loader=None): + and produce corresponding Python objects. + """ + if Loader is None: ++ raise RuntimeError("Unsafe load() call disabled by Gentoo. See bug #659348") + load_warning('load_all') + Loader = FullLoader + diff --git a/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/metadata.xml new file mode 100644 index 0000000000..79464ece48 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/metadata.xml @@ -0,0 +1,14 @@ + + + + + python@gentoo.org + Python + + + enable support for C implementation using libyaml + + + cpe:/a:pyyaml_project:pyyaml + + diff --git a/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/pyyaml-5.3.1-r1.ebuild b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/pyyaml-5.3.1-r1.ebuild new file mode 100644 index 0000000000..5cef66731a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/pyyaml-5.3.1-r1.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DISTUTILS_USE_SETUPTOOLS=no +PYTHON_COMPAT=( python3_{6..9} pypy3 ) + +inherit distutils-r1 + +DESCRIPTION="YAML parser and emitter for Python" +HOMEPAGE="https://pyyaml.org/wiki/PyYAML + https://pypi.org/project/PyYAML/ + https://github.com/yaml/pyyaml" +SRC_URI="https://github.com/yaml/pyyaml/archive/${PV}.tar.gz -> ${P}.gh.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x64-solaris ~x86-solaris" +IUSE="examples +libyaml" + +RDEPEND="libyaml? ( dev-libs/libyaml:= )" +DEPEND="${RDEPEND} + libyaml? ( + $(python_gen_cond_dep ' + dev-python/cython[${PYTHON_USEDEP}] + ' 'python*') + )" + +PATCHES=( + # bug #659348 + "${FILESDIR}/pyyaml-5.1-cve-2017-18342.patch" +) + +distutils_enable_tests setup.py + +python_configure_all() { + mydistutilsargs=( $(use_with libyaml) ) +} + +python_install_all() { + distutils-r1_python_install_all + if use examples; then + dodoc -r examples + docompress -x /usr/share/doc/${PF} + fi +} diff --git a/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/pyyaml-5.3.1.ebuild b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/pyyaml-5.3.1.ebuild new file mode 100644 index 0000000000..8cfda41442 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-python/pyyaml/pyyaml-5.3.1.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DISTUTILS_USE_SETUPTOOLS=no +PYTHON_COMPAT=( python2_7 python3_{6,7,8,9} pypy3 ) + +inherit distutils-r1 + +DESCRIPTION="YAML parser and emitter for Python" +HOMEPAGE="https://pyyaml.org/wiki/PyYAML + https://pypi.org/project/PyYAML/ + https://github.com/yaml/pyyaml" +SRC_URI="https://github.com/yaml/pyyaml/archive/${PV}.tar.gz -> ${P}.gh.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x64-solaris ~x86-solaris" +IUSE="examples +libyaml" + +RDEPEND="libyaml? ( dev-libs/libyaml:= )" +DEPEND="${RDEPEND} + libyaml? ( + $(python_gen_cond_dep ' + dev-python/cython[${PYTHON_USEDEP}] + ' 'python*') + )" + +PATCHES=( + # bug #659348 + "${FILESDIR}/pyyaml-5.1-cve-2017-18342.patch" +) + +distutils_enable_tests setup.py + +python_configure_all() { + mydistutilsargs=( $(use_with libyaml) ) +} + +python_install_all() { + distutils-r1_python_install_all + if use examples; then + dodoc -r examples + docompress -x /usr/share/doc/${PF} + fi +}