pool/python
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Revert CVE-2022-48560-after-free-heappushpop.patch, the fix was

Browse Source 
unneeded.
- Add CVE-2022-48560-after-free-heappushpop.patch fixing
  use-after-free in Python via heappushpop in heapq (bsc#1214675,
  CVE-2022-48560).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=411
This commit is contained in:
Matej Cepl 2024-04-23 15:53:53 +00:00 committed by Git OBS Bridge
parent bd965ddc0d
commit 93c812d448
3 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
python-base.changes
View File

@ -4,6 +4,8 @@ Tue Apr 16 15:39:24 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Modify CVE-2023-27043-email-parsing-errors.patch to fix the
unicode string handling in email.utils.parseaddr()
(bsc#1222537).
- Revert CVE-2022-48560-after-free-heappushpop.patch, the fix was
unneeded.
-------------------------------------------------------------------
Mon Mar 18 09:54:20 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
@ -24,6 +26,9 @@ Mon Jan 8 10:00:07 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
-------------------------------------------------------------------
Mon Nov 27 16:30:33 UTC 2023 - Matej Cepl <mcepl@cepl.eu>
- Add CVE-2022-48560-after-free-heappushpop.patch fixing
use-after-free in Python via heappushpop in heapq (bsc#1214675,
CVE-2022-48560).
- switch from %patchN style to the %patch -P N one.
-------------------------------------------------------------------

5
python-doc.changes
View File

@ -4,6 +4,8 @@ Tue Apr 16 15:39:24 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Modify CVE-2023-27043-email-parsing-errors.patch to fix the
unicode string handling in email.utils.parseaddr()
(bsc#1222537).
- Revert CVE-2022-48560-after-free-heappushpop.patch, the fix was
unneeded.
-------------------------------------------------------------------
Mon Mar 18 09:54:20 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
@ -24,6 +26,9 @@ Mon Jan 8 10:00:07 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
-------------------------------------------------------------------
Mon Nov 27 16:30:33 UTC 2023 - Matej Cepl <mcepl@cepl.eu>
- Add CVE-2022-48560-after-free-heappushpop.patch fixing
use-after-free in Python via heappushpop in heapq (bsc#1214675,
CVE-2022-48560).
- switch from %patchN style to the %patch -P N one.
-------------------------------------------------------------------

5
python.changes
View File

@ -4,6 +4,8 @@ Tue Apr 16 15:39:24 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- Modify CVE-2023-27043-email-parsing-errors.patch to fix the
unicode string handling in email.utils.parseaddr()
(bsc#1222537).
- Revert CVE-2022-48560-after-free-heappushpop.patch, the fix was
unneeded.
-------------------------------------------------------------------
Mon Mar 18 09:54:20 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
@ -24,6 +26,9 @@ Mon Jan 8 10:00:07 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
-------------------------------------------------------------------
Mon Nov 27 16:30:33 UTC 2023 - Matej Cepl <mcepl@cepl.eu>
- Add CVE-2022-48560-after-free-heappushpop.patch fixing
use-after-free in Python via heappushpop in heapq (bsc#1214675,
CVE-2022-48560).
- switch from %patchN style to the %patch -P N one.
-------------------------------------------------------------------