revert
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=37
This commit is contained in:
Git OBS Bridge
parent
ba06f07184
commit
c6df50684c
@ -1,59 +0,0 @@
|
|||||||
From 85178d5849a4d9b5b46e7b91b1ebad7425139b44 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Gregory P. Smith" <greg@krypto.org>
|
|
||||||
Date: Thu, 20 Oct 2022 15:30:09 -0700
|
|
||||||
Subject: [PATCH] gh-97514: Don't use Linux abstract sockets for
|
|
||||||
multiprocessing (GH-98501)
|
|
||||||
|
|
||||||
Linux abstract sockets are insecure as they lack any form of filesystem
|
|
||||||
permissions so their use allows anyone on the system to inject code into
|
|
||||||
the process.
|
|
||||||
|
|
||||||
This removes the default preference for abstract sockets in
|
|
||||||
multiprocessing introduced in Python 3.9+ via
|
|
||||||
https://github.com/python/cpython/pull/18866 while fixing
|
|
||||||
https://github.com/python/cpython/issues/84031.
|
|
||||||
|
|
||||||
Explicit use of an abstract socket by a user now generates a
|
|
||||||
RuntimeWarning. If we choose to keep this warning, it should be
|
|
||||||
backported to the 3.7 and 3.8 branches.
|
|
||||||
(cherry picked from commit 49f61068f49747164988ffc5a442d2a63874fc17)
|
|
||||||
|
|
||||||
Co-authored-by: Gregory P. Smith <greg@krypto.org>
|
|
||||||
---
|
|
||||||
Lib/multiprocessing/connection.py | 5 ---
|
|
||||||
Misc/NEWS.d/next/Security/2022-09-07-10-42-00.gh-issue-97514.Yggdsl.rst | 15 ++++++++++
|
|
||||||
2 files changed, 15 insertions(+), 5 deletions(-)
|
|
||||||
create mode 100644 Misc/NEWS.d/next/Security/2022-09-07-10-42-00.gh-issue-97514.Yggdsl.rst
|
|
||||||
|
|
||||||
--- a/Lib/multiprocessing/connection.py
|
|
||||||
+++ b/Lib/multiprocessing/connection.py
|
|
||||||
@@ -73,11 +73,6 @@ def arbitrary_address(family):
|
|
||||||
if family == 'AF_INET':
|
|
||||||
return ('localhost', 0)
|
|
||||||
elif family == 'AF_UNIX':
|
|
||||||
- # Prefer abstract sockets if possible to avoid problems with the address
|
|
||||||
- # size. When coding portable applications, some implementations have
|
|
||||||
- # sun_path as short as 92 bytes in the sockaddr_un struct.
|
|
||||||
- if util.abstract_sockets_supported:
|
|
||||||
- return f"\0listener-{os.getpid()}-{next(_mmap_counter)}"
|
|
||||||
return tempfile.mktemp(prefix='listener-', dir=util.get_temp_dir())
|
|
||||||
elif family == 'AF_PIPE':
|
|
||||||
return tempfile.mktemp(prefix=r'\\.\pipe\pyc-%d-%d-' %
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/Misc/NEWS.d/next/Security/2022-09-07-10-42-00.gh-issue-97514.Yggdsl.rst
|
|
||||||
@@ -0,0 +1,15 @@
|
|
||||||
+On Linux the :mod:`multiprocessing` module returns to using filesystem backed
|
|
||||||
+unix domain sockets for communication with the *forkserver* process instead of
|
|
||||||
+the Linux abstract socket namespace. Only code that chooses to use the
|
|
||||||
+:ref:`"forkserver" start method <multiprocessing-start-methods>` is affected.
|
|
||||||
+
|
|
||||||
+Abstract sockets have no permissions and could allow any user on the system in
|
|
||||||
+the same `network namespace
|
|
||||||
+<https://man7.org/linux/man-pages/man7/network_namespaces.7.html>`_ (often the
|
|
||||||
+whole system) to inject code into the multiprocessing *forkserver* process.
|
|
||||||
+This was a potential privilege escalation. Filesystem based socket permissions
|
|
||||||
+restrict this to the *forkserver* process user as was the default in Python 3.8
|
|
||||||
+and earlier.
|
|
||||||
+
|
|
||||||
+This prevents Linux `CVE-2022-42919
|
|
||||||
+<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919>`_.
|
|
||||||
@ -1,11 +1,3 @@
|
|||||||
-------------------------------------------------------------------
|
|
||||||
Fri Nov 4 14:59:53 UTC 2022 - Matej Cepl <mcepl@suse.com>
|
|
||||||
|
|
||||||
- Add CVE-2022-42919-loc-priv-mulitproc-forksrv.patch to avoid
|
|
||||||
CVE-2022-42919 (bsc#1204886) avoiding Linux specific local
|
|
||||||
privilege escalation via the multiprocessing forkserver start
|
|
||||||
method.
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Oct 25 08:39:47 UTC 2022 - Matej Cepl <mcepl@suse.com>
|
Tue Oct 25 08:39:47 UTC 2022 - Matej Cepl <mcepl@suse.com>
|
||||||
|
|
||||||
|
|||||||
@ -169,9 +169,6 @@ Patch36: support-expat-CVE-2022-25236-patched.patch
|
|||||||
# PATCH-FIX-UPSTREAM 98437-sphinx.locale._-as-gettext-in-pyspecific.patch gh#python/cpython#98366 mcepl@suse.com
|
# PATCH-FIX-UPSTREAM 98437-sphinx.locale._-as-gettext-in-pyspecific.patch gh#python/cpython#98366 mcepl@suse.com
|
||||||
# this patch makes things totally awesome
|
# this patch makes things totally awesome
|
||||||
Patch37: 98437-sphinx.locale._-as-gettext-in-pyspecific.patch
|
Patch37: 98437-sphinx.locale._-as-gettext-in-pyspecific.patch
|
||||||
# PATCH-FIX-UPSTREAM CVE-2022-42919-loc-priv-mulitproc-forksrv.patch bsc#1204886 mcepl@suse.com
|
|
||||||
# Avoid Linux specific local privilege escalation via the multiprocessing forkserver start method
|
|
||||||
Patch38: CVE-2022-42919-loc-priv-mulitproc-forksrv.patch
|
|
||||||
BuildRequires: autoconf-archive
|
BuildRequires: autoconf-archive
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: fdupes
|
BuildRequires: fdupes
|
||||||
@ -439,7 +436,6 @@ other applications.
|
|||||||
%patch35 -p1
|
%patch35 -p1
|
||||||
%patch36 -p1
|
%patch36 -p1
|
||||||
%patch37 -p1
|
%patch37 -p1
|
||||||
%patch38 -p1
|
|
||||||
|
|
||||||
# drop Autoconf version requirement
|
# drop Autoconf version requirement
|
||||||
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
|
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user