pool/python
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 923134 from devel:languages:python:Factory

Browse Source 
- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
  (CVE-2019-20907, bpo#39017) avoiding possible infinite loop
  in specifically crafted tarball.
  Add recursion.tar as a testing tarball for the patch.

OBS-URL: https://build.opensuse.org/request/show/923134
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python?expand=0&rev=159
This commit is contained in:
Dominique Leuenberger 2021-10-05 20:33:50 +00:00 committed by Git OBS Bridge
commit a2d457cf35
3 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
python-base.changes
View File

@ -46,6 +46,13 @@ Mon Aug 9 15:16:15 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
which fixes http client infinite line reading (DoS) after a http
100 (bpo#44022, boo#1189241).
-------------------------------------------------------------------
Fri Jul 16 14:25:20 UTC 2021 - Matej Cepl <mcepl@suse.com>
- Modify Lib/ensurepip/__init__.py to contain the same version
numbers as are in reality the ones in the bundled wheels
(bsc#1187668).
-------------------------------------------------------------------
Fri Feb 26 18:21:55 UTC 2021 - Matej Cepl <mcepl@suse.com>

7
python-doc.changes
View File

@ -46,6 +46,13 @@ Mon Aug 9 15:16:15 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
which fixes http client infinite line reading (DoS) after a http
100 (bpo#44022, boo#1189241).
-------------------------------------------------------------------
Fri Jul 16 14:25:20 UTC 2021 - Matej Cepl <mcepl@suse.com>
- Modify Lib/ensurepip/__init__.py to contain the same version
numbers as are in reality the ones in the bundled wheels
(bsc#1187668).
-------------------------------------------------------------------
Fri Feb 26 18:21:55 UTC 2021 - Matej Cepl <mcepl@suse.com>

7
python.changes
View File

@ -46,6 +46,13 @@ Mon Aug 9 15:16:15 UTC 2021 - Fusion Future <qydwhotmail@gmail.com>
which fixes http client infinite line reading (DoS) after a http
100 (bpo#44022, boo#1189241).
-------------------------------------------------------------------
Fri Jul 16 14:25:20 UTC 2021 - Matej Cepl <mcepl@suse.com>
- Modify Lib/ensurepip/__init__.py to contain the same version
numbers as are in reality the ones in the bundled wheels
(bsc#1187668).
-------------------------------------------------------------------
Fri Feb 26 18:21:55 UTC 2021 - Matej Cepl <mcepl@suse.com>