[Python-checkins] bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900 (GH-31732) (GH-31735)
ned-deily
webhook-mailer at python.org
Mon Mar 7 14:34:59 EST 2022
https://github.com/python/cpython/commit/4a3c610cd635f14747cf02c77908e80620aae6ea
commit: 4a3c610cd635f14747cf02c77908e80620aae6ea
branch: 3.7
author: Steve Dower <steve.dower at python.org>
committer: ned-deily <nad at python.org>
date: 2022-03-07T14:34:46-05:00
summary:
bpo-44549: Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and CVE-2019-12900 (GH-31732) (GH-31735)
files:
A Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst
M PCbuild/get_externals.bat
M PCbuild/python.props
M PCbuild/readme.txt
diff --git a/Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst b/Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst
new file mode 100644
index 0000000000000..0f1ef9af6c617
--- /dev/null
+++ b/Misc/NEWS.d/next/Windows/2022-03-07-17-46-40.bpo-44549.SPrGS9.rst
@@ -0,0 +1,2 @@
+Update bzip2 to 1.0.8 in Windows builds to mitigate CVE-2016-3189 and
+CVE-2019-12900
diff --git a/PCbuild/get_externals.bat b/PCbuild/get_externals.bat
index 38fc2756b18d0..9c7f81542ed04 100644
--- a/PCbuild/get_externals.bat
+++ b/PCbuild/get_externals.bat
@@ -48,7 +48,7 @@ if NOT DEFINED PYTHON (
echo.Fetching external libraries...
set libraries=
-set libraries=%libraries% bzip2-1.0.6
+set libraries=%libraries% bzip2-1.0.8
if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1g
set libraries=%libraries% sqlite-3.31.1.0
if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.9.0
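Review bot: The bzip2 version is pinned by a bare directory name on the changed line (`bzip2-1.0.8`) and again in `bz2Dir` in PCbuild/python.props, and neither site says that the two must match or why this version is the minimum. A comment above the line, such as `rem bzip2 1.0.8 or later required (CVE-2016-3189, CVE-2019-12900); keep in sync with bz2Dir in python.props`, would make it harder for a later edit or backport to quietly reintroduce the vulnerable release. The code that fetches each entry in `%libraries%` lies outside this hunk, so it cannot be confirmed from here whether the downloaded source is checked against a known hash. That is worth verifying, because the name alone selects what gets built.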
diff --git a/PCbuild/python.props b/PCbuild/python.props
index 1034e7f3da3fe..d3ad12c72830b 100644
--- a/PCbuild/python.props
+++ b/PCbuild/python.props
@@ -47,7 +47,7 @@
<ExternalsDir Condition="$(ExternalsDir) == ''">$([System.IO.Path]::GetFullPath(`$(PySourcePath)externals`))</ExternalsDir>
<ExternalsDir Condition="!HasTrailingSlash($(ExternalsDir))">$(ExternalsDir)\</ExternalsDir>
<sqlite3Dir>$(ExternalsDir)sqlite-3.31.1.0\</sqlite3Dir>
- <bz2Dir>$(ExternalsDir)bzip2-1.0.6\</bz2Dir>
+ <bz2Dir>$(ExternalsDir)bzip2-1.0.8\</bz2Dir>
<lzmaDir>$(ExternalsDir)xz-5.2.2\</lzmaDir>
<opensslDir>$(ExternalsDir)openssl-1.1.1g\</opensslDir>
<opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1g\$(ArchName)\</opensslOutDir>
diff --git a/PCbuild/readme.txt b/PCbuild/readme.txt
index 9c521fa52d898..5e57a9590cb6b 100644
--- a/PCbuild/readme.txt
+++ b/PCbuild/readme.txt
@@ -157,7 +157,7 @@ interpreter, but they do implement several major features. See the
about getting the source for building these libraries. The sub-projects
are:
_bz2
- Python wrapper for version 1.0.6 of the libbzip2 compression library
+ Python wrapper for version 1.0.8 of the libbzip2 compression library
Homepage:
http://www.bzip.org/
_lzma