Bug 782520

Summary:	<dev-python/pypy3-7.3.3_p37_p3, <dev-python/pypy-7.3.3_p3: multiple vulnerabilities
Product:	Gentoo Security	Reporter:	Michał Górny <mgorny>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	CONFIRMED ---
Severity:	minor	CC:	python
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
See Also:	https://bugs.gentoo.org/show_bug.cgi?id=779841
Whiteboard:	B4 [glsa?]
Package list:	dev-python/pypy3-7.3.3_p37_p3 dev-python/pypy3-exe-7.3.3_p37_p2 dev-python/pypy3-exe-bin-7.3.3_p37_p2 dev-python/pypy-7.3.3_p3	Runtime testing required:	---

Description Michał Górny archtester

2021-04-12 13:51:32 UTC

Same stuff as CPython:

- bpo-42988: Remove the pydoc getfile feature
- bpo-43285 Make ftplib not trust the PASV response.

Comment 1 NATTkA bot gentoo-dev

2021-04-12 13:52:23 UTC Comment hidden (obsolete)

Sanity check failed:

> dev-python/pypy3-7.3.3_p37_p3
>   depend amd64 dev profile default/linux/amd64/17.0/x32 (1 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   depend amd64 stable profile default/linux/amd64/17.1 (26 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   rdepend amd64 dev profile default/linux/amd64/17.0/x32 (1 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   rdepend amd64 stable profile default/linux/amd64/17.1 (26 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37

Comment 2 NATTkA bot gentoo-dev

2021-04-12 13:56:23 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 3 NATTkA bot gentoo-dev

2021-04-16 13:45:44 UTC Comment hidden (obsolete)

Sanity check failed:

> dev-python/pypy3-7.3.3_p37_p3
>   depend amd64 dev profile default/linux/amd64/17.0/x32 (1 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   depend amd64 stable profile default/linux/amd64/17.1 (26 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   rdepend amd64 dev profile default/linux/amd64/17.0/x32 (1 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   rdepend amd64 stable profile default/linux/amd64/17.1 (26 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37

Comment 4 NATTkA bot gentoo-dev

2021-04-16 13:48:38 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 5 NATTkA bot gentoo-dev

2021-04-16 13:53:13 UTC Comment hidden (obsolete)

Sanity check failed:

> dev-python/pypy3-7.3.3_p37_p3
>   depend amd64 dev profile default/linux/amd64/17.0/x32 (1 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   depend amd64 stable profile default/linux/amd64/17.1 (26 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   rdepend amd64 dev profile default/linux/amd64/17.0/x32 (1 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37
>   rdepend amd64 stable profile default/linux/amd64/17.1 (26 total)
>     >=dev-python/pypy3-exe-7.3.3_p37_p2:7.3.3_p37[bzip2,ncurses]
>     >=dev-python/pypy3-exe-bin-7.3.3_p37_p2:7.3.3_p37

Comment 6 NATTkA bot gentoo-dev

2021-04-16 13:56:38 UTC Comment hidden (obsolete)

All sanity-check issues have been resolved

Comment 7 Sam James archtester

2021-04-19 21:24:26 UTC Comment hidden (obsolete)

x86 done

Comment 8 Sam James archtester

2021-04-19 21:24:53 UTC Comment hidden (obsolete)

amd64 done

all arches done

Comment 9 Sam James archtester

2021-04-19 21:27:25 UTC

(In reply to Sam James from comment #8)
> amd64 done
> 
> all arches done

Ignore, sorry

Comment 10 Agostino Sarubbo gentoo-dev

2021-05-01 18:20:13 UTC

amd64 stable

Comment 11 Agostino Sarubbo gentoo-dev

2021-05-11 10:03:36 UTC

x86 stable.

Maintainer(s), please cleanup.
Security, please vote.

Comment 12 NATTkA bot gentoo-dev

2021-05-19 20:24:28 UTC

Unable to check for sanity:

> no match for package: dev-python/pypy3-7.3.3_p37_p3