Staging
v0.5.1
v0.5.1
https://github.com/python/cpython
Revision 79c6b602efc9a906c8496f3d5f4d54c54b48fa06 authored by Miss Islington (bot) on 15 July 2020, 12:35:08 UTC, committed by GitHub on 15 July 2020, 12:35:08 UTC
Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907). (cherry picked from commit 5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4) Co-authored-by: Rishi <rishi_devan@mail.com>
1 parent 620e276
Tip revision: 79c6b602efc9a906c8496f3d5f4d54c54b48fa06 authored by Miss Islington (bot) on 15 July 2020, 12:35:08 UTC
bpo-39017: Avoid infinite loop in the tarfile module (GH-21454) (GH-21484)
bpo-39017: Avoid infinite loop in the tarfile module (GH-21454) (GH-21484)
Tip revision: 79c6b60
pr.yml
variables:
manylinux: false
coverage: false
resources:
containers:
- container: manylinux1
image: pyca/cryptography-manylinux1:x86_64
jobs:
- job: Prebuild
displayName: Pre-build checks
pool:
vmImage: ubuntu-16.04
steps:
- template: ./prebuild-checks.yml
- job: Docs_PR
displayName: Docs PR
dependsOn: Prebuild
condition: and(succeeded(), eq(dependencies.Prebuild.outputs['docs.run'], 'true'))
pool:
vmImage: ubuntu-16.04
steps:
- template: ./docs-steps.yml
- job: macOS_PR_Tests
displayName: macOS PR Tests
dependsOn: Prebuild
#condition: and(succeeded(), eq(dependencies.Prebuild.outputs['tests.run'], 'true'))
# bpo-39837: macOS tests on Azure Pipelines are disabled
condition: false
variables:
testRunTitle: '$(system.pullRequest.TargetBranch)-macos'
testRunPlatform: macos
pool:
vmImage: macos-10.14
steps:
- template: ./macos-steps.yml
parameters:
targetBranch: $(System.PullRequest.TargetBranch)
- job: Ubuntu_PR_Tests
displayName: Ubuntu PR Tests
dependsOn: Prebuild
condition: and(succeeded(), eq(dependencies.Prebuild.outputs['tests.run'], 'true'))
pool:
vmImage: ubuntu-16.04
variables:
testRunTitle: '$(system.pullRequest.TargetBranch)-linux'
testRunPlatform: linux
openssl_version: 1.1.1g
steps:
- template: ./posix-steps.yml
parameters:
dependencies: apt
- job: ManyLinux1_PR_Tests
displayName: ManyLinux1 PR Tests
dependsOn: Prebuild
condition: |
and(
and(
succeeded(),
eq(variables['manylinux'], 'true')
),
eq(dependencies.Prebuild.outputs['tests.run'], 'true')
)
pool:
vmImage: ubuntu-16.04
container: manylinux1
variables:
testRunTitle: '$(system.pullRequest.TargetBranch)-manylinux1'
testRunPlatform: manylinux1
openssl_version: ''
steps:
- template: ./posix-steps.yml
parameters:
dependencies: yum
sudo_dependencies: ''
xvfb: false
patchcheck: false
- job: Ubuntu_Coverage_PR_Tests
displayName: Ubuntu PR Tests (coverage)
dependsOn: Prebuild
condition: |
and(
and(
succeeded(),
eq(variables['coverage'], 'true')
),
eq(dependencies.Prebuild.outputs['tests.run'], 'true')
)
pool:
vmImage: ubuntu-16.04
variables:
testRunTitle: '$(Build.SourceBranchName)-linux-coverage'
testRunPlatform: linux-coverage
openssl_version: 1.1.1g
steps:
- template: ./posix-steps.yml
parameters:
dependencies: apt
coverage: true
- job: Windows_PR_Tests
displayName: Windows PR Tests
dependsOn: Prebuild
condition: and(succeeded(), eq(dependencies.Prebuild.outputs['tests.run'], 'true'))
pool:
vmImage: vs2017-win2016
strategy:
matrix:
win32:
arch: win32
buildOpt:
testRunTitle: '$(System.PullRequest.TargetBranch)-win32'
testRunPlatform: win32
win64:
arch: amd64
buildOpt: '-p x64'
testRunTitle: '$(System.PullRequest.TargetBranch)-win64'
testRunPlatform: win64
maxParallel: 2
steps:
- template: ./windows-steps.yml
parameters:
targetBranch: $(System.PullRequest.TargetBranch)
Computing file changes ...