From 4ef6562ce0201513edeeecbc8ede44c2c0d80835 Mon Sep 17 00:00:00 2001 From: Gerion Entrup Date: Fri, 26 Aug 2022 01:22:57 +0200 Subject: dev-python/py-spy: add 0.3.12 Signed-off-by: Gerion Entrup --- ....12-fix-possible-security-vulnerabilities.patch | 246 +++++++++++++++++++++ 1 file changed, 246 insertions(+) create mode 100644 dev-python/py-spy/files/0.3.12-fix-possible-security-vulnerabilities.patch (limited to 'dev-python/py-spy/files') diff --git a/dev-python/py-spy/files/0.3.12-fix-possible-security-vulnerabilities.patch b/dev-python/py-spy/files/0.3.12-fix-possible-security-vulnerabilities.patch new file mode 100644 index 0000000..d334410 --- /dev/null +++ b/dev-python/py-spy/files/0.3.12-fix-possible-security-vulnerabilities.patch @@ -0,0 +1,246 @@ +From 628dacb94359da0f91a28301fc6200b429e05ace Mon Sep 17 00:00:00 2001 +From: Gerion Entrup +Date: Fri, 26 Aug 2022 01:09:02 +0200 +Subject: [PATCH] fix possible security vulnerabilities + +--- + Cargo.lock | 121 ++++++++++++++++++++++++++++++++++++++++++++++++----- + Cargo.toml | 4 +- + 2 files changed, 112 insertions(+), 13 deletions(-) + +diff --git a/Cargo.lock b/Cargo.lock +index 31b32e7..1c4fa0a 100644 +--- a/Cargo.lock ++++ b/Cargo.lock +@@ -42,6 +42,15 @@ dependencies = [ + "memchr", + ] + ++[[package]] ++name = "android_system_properties" ++version = "0.1.4" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d7ed72e1635e121ca3e79420540282af22da58be50de153d36f81ddc6b83aa9e" ++dependencies = [ ++ "libc", ++] ++ + [[package]] + name = "ansi_term" + version = "0.12.1" +@@ -127,6 +136,12 @@ version = "1.3.2" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + ++[[package]] ++name = "bumpalo" ++version = "3.11.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "c1ad822118d20d2c234f427000d5acc36eabe1e29a348c89b63dd60b13f28e5d" ++ + [[package]] + name = "bytemuck" + version = "1.7.3" +@@ -156,14 +171,16 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + + [[package]] + name = "chrono" +-version = "0.4.19" ++version = "0.4.22" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" ++checksum = "bfd4d1b31faaa3a89d7934dbded3111da0d2ef28e3ebccdb4f0179f5929d1ef1" + dependencies = [ +- "libc", ++ "iana-time-zone", ++ "js-sys", + "num-integer", + "num-traits", + "time", ++ "wasm-bindgen", + "winapi", + ] + +@@ -257,6 +274,12 @@ dependencies = [ + "winapi", + ] + ++[[package]] ++name = "core-foundation-sys" ++version = "0.8.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" ++ + [[package]] + name = "cpp_demangle" + version = "0.3.5" +@@ -481,6 +504,19 @@ version = "2.1.0" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" + ++[[package]] ++name = "iana-time-zone" ++version = "0.1.46" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "ad2bfd338099682614d3ee3fe0cd72e0b6a41ca6a87f6a74a3bd593c91650501" ++dependencies = [ ++ "android_system_properties", ++ "core-foundation-sys", ++ "js-sys", ++ "wasm-bindgen", ++ "winapi", ++] ++ + [[package]] + name = "indexmap" + version = "1.7.0" +@@ -539,6 +575,15 @@ version = "1.0.1" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35" + ++[[package]] ++name = "js-sys" ++version = "0.3.59" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "258451ab10b34f8af53416d1fdab72c22e805f0c92a1136d59470ec0b11138b2" ++dependencies = [ ++ "wasm-bindgen", ++] ++ + [[package]] + name = "lazy_static" + version = "1.4.0" +@@ -553,9 +598,9 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" + + [[package]] + name = "libc" +-version = "0.2.124" ++version = "0.2.132" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "21a41fed9d98f27ab1c6d161da622a4fa35e8a54a8adc24bbf3ddd0ef70b0e50" ++checksum = "8371e4e5341c3a96db127eb2465ac681ced4c433e01dd0e938adbef26ba93ba5" + + [[package]] + name = "libloading" +@@ -786,9 +831,9 @@ dependencies = [ + + [[package]] + name = "once_cell" +-version = "1.9.0" ++version = "1.13.1" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5" ++checksum = "074864da206b4973b84eb91683020dbefd6a8c3f0f38e054d93954e891935e4e" + + [[package]] + name = "os_str_bytes" +@@ -1008,9 +1053,9 @@ dependencies = [ + + [[package]] + name = "regex" +-version = "1.5.4" ++version = "1.6.0" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461" ++checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" + dependencies = [ + "aho-corasick", + "memchr", +@@ -1019,9 +1064,9 @@ dependencies = [ + + [[package]] + name = "regex-syntax" +-version = "0.6.25" ++version = "0.6.27" + source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b" ++checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" + + [[package]] + name = "remoteprocess" +@@ -1316,6 +1361,60 @@ version = "0.10.0+wasi-snapshot-preview1" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" + ++[[package]] ++name = "wasm-bindgen" ++version = "0.2.82" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "fc7652e3f6c4706c8d9cd54832c4a4ccb9b5336e2c3bd154d5cccfbf1c1f5f7d" ++dependencies = [ ++ "cfg-if", ++ "wasm-bindgen-macro", ++] ++ ++[[package]] ++name = "wasm-bindgen-backend" ++version = "0.2.82" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "662cd44805586bd52971b9586b1df85cdbbd9112e4ef4d8f41559c334dc6ac3f" ++dependencies = [ ++ "bumpalo", ++ "log", ++ "once_cell", ++ "proc-macro2", ++ "quote", ++ "syn", ++ "wasm-bindgen-shared", ++] ++ ++[[package]] ++name = "wasm-bindgen-macro" ++version = "0.2.82" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "b260f13d3012071dfb1512849c033b1925038373aea48ced3012c09df952c602" ++dependencies = [ ++ "quote", ++ "wasm-bindgen-macro-support", ++] ++ ++[[package]] ++name = "wasm-bindgen-macro-support" ++version = "0.2.82" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5be8e654bdd9b79216c2929ab90721aa82faf65c48cdf08bdc4e7f51357b80da" ++dependencies = [ ++ "proc-macro2", ++ "quote", ++ "syn", ++ "wasm-bindgen-backend", ++ "wasm-bindgen-shared", ++] ++ ++[[package]] ++name = "wasm-bindgen-shared" ++version = "0.2.82" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "6598dd0bd3c7d51095ff6531a5b23e02acdc81804e30d8f07afb77b7215a140a" ++ + [[package]] + name = "which" + version = "4.2.2" +diff --git a/Cargo.toml b/Cargo.toml +index 8d00e22..116b6e7 100644 +--- a/Cargo.toml ++++ b/Cargo.toml +@@ -25,7 +25,7 @@ lazy_static = "1.4.0" + libc = "0.2" + log = "0.4" + lru = "0.7" +-regex = "1" ++regex = "1.5.5" + tempfile = "3.0.3" + proc-maps = "0.2.1" + memmap = "0.7.0" +@@ -36,7 +36,7 @@ serde_json = "1.0" + rand = "0.8" + rand_distr = "0.4" + remoteprocess = {version="0.4.9", features=["unwind"]} +-chrono = "0.4.19" ++chrono = "0.4.20" + + [target.'cfg(unix)'.dependencies] + termios = "0.3.3" +-- +2.35.1 + -- cgit v1.2.3-65-gdbad