!256 [sync] PR-255: Fix CVE-2007-4559 by adding filter parameter to tarfile.extractall

From: @openeuler-sync-bot 
Reviewed-by: @gaoruoshu 
Signed-off-by: @gaoruoshu
openeuler-ci-bot 2023-08-14 12:13:38 +00:00 committed by Gitee
commit fa5fa5935b
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 2469 additions and 3 deletions

2458
backport-CVE-2007-4559.patch Normal file

File diff suppressed because it is too large


@ -3,7 +3,7 @@ Summary: Interpreter of the Python3 programming language
URL: https://www.python.org/ URL: https://www.python.org/
Version: 3.9.9 Version: 3.9.9
Release: 24 Release: 25
License: Python-2.0 License: Python-2.0
%global branchversion 3.9 %global branchversion 3.9
@ -104,6 +104,7 @@ Patch6010: backport-CVE-2022-42919.patch
Patch6011: backport-CVE-2022-45061.patch Patch6011: backport-CVE-2022-45061.patch
Patch6012: backport-CVE-2022-37454.patch Patch6012: backport-CVE-2022-37454.patch
Patch6013: backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch Patch6013: backport-Make-urllib.parse.urlparse-enforce-that-a-scheme-mus.patch
Patch6014: backport-CVE-2007-4559.patch
Patch9000: add-the-sm3-method-for-obtaining-the-salt-value.patch Patch9000: add-the-sm3-method-for-obtaining-the-salt-value.patch
Patch9001: python3-Add-sw64-architecture.patch Patch9001: python3-Add-sw64-architecture.patch
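Review bot: The new `Patch6014: backport-CVE-2007-4559.patch` line carries no provenance, and the patch it names is 2458 lines whose diff is not shown on this page, so the spec change cannot be checked against what it applies. Add a comment above the Patch6014 line (or a line in the commit message) naming the upstream change this was backported from and any local adjustments made for 3.9.9, so the backport can be compared against its source.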
@ -207,6 +208,7 @@ rm -r Modules/expat
%patch6011 -p1 %patch6011 -p1
%patch6012 -p1 %patch6012 -p1
%patch6013 -p1 %patch6013 -p1
%patch6014 -p1
%patch9000 -p1 %patch9000 -p1
%patch9001 -p1 %patch9001 -p1
@ -244,7 +246,7 @@ export LDFLAGS_NODIST="%{build_ldflags} -g $(pkg-config --libs-only-L openssl)"
%ifarch %{arm} aarch64 %ifarch %{arm} aarch64
export CFLAGS="$CFLAGS -funsigned-char" export CFLAGS="$CFLAGS -funsigned-char"
%endif %endif
DebugBuildDir=build/debug DebugBuildDir=build/debug
mkdir -p ${DebugBuildDir} mkdir -p ${DebugBuildDir}
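Review bot: The hunk at -244,7 +246,7 shows identical text on both sides around `export CFLAGS="$CFLAGS -funsigned-char"` and `%endif`, which points to a whitespace-only edit. If that is the case, drop it from this commit: a CVE backport should touch only the Patch/%patch lines, the Release bump and the changelog, so that the change is easy to audit and to cherry-pick to other branches.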
@ -836,6 +838,12 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP"
%{_mandir}/*/* %{_mandir}/*/*
%changelog %changelog
* Mon Aug 07 2023 zhaoyu <zhaoyu64@huawei.com>- 3.9.9-25
- Type:CVE
- CVE:CVE-2007-4559
- SUG:NA
- DESC:Add a filter parameter to tarfile.extractall will allow users to avoid CVE-2007-4559 by changing their code/settings.
* Thu Apr 06 2023 shixuantong <shixuantong1@huawei.com>- 3.9.9-24 * Thu Apr 06 2023 shixuantong <shixuantong1@huawei.com>- 3.9.9-24
- Type:CVE - Type:CVE
- CVE:CVE-2023-24329 - CVE:CVE-2023-24329
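Review bot: The DESC line of the 3.9.9-25 entry says users can avoid CVE-2007-4559 "by changing their code/settings", which means installing this release does not by itself change how existing `tarfile.extractall` callers behave, but the entry does not say so. State explicitly that the default extraction behaviour is unchanged and name the argument or setting callers must use, otherwise someone reading `Type:CVE` with `SUG:NA` will take the issue as fixed by the package update alone.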
@ -990,7 +998,7 @@ export BEP_GTDLIST="$BEP_GTDLIST_TMP"
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA
- SUG:NA - SUG:NA
- DESC:deleting gdb build dependency - DESC:deleting gdb build dependency
* Mon May 31 2021 shixuantong<shixuantong@huawei.com> - 3.8.5-11 * Mon May 31 2021 shixuantong<shixuantong@huawei.com> - 3.8.5-11
- Type:CVE - Type:CVE