Matej Cepl 2024-03-22 09:01:33 +00:00 committed by Git OBS Bridge
parent f508bcd9bd
commit 17f54b09e3

@ -5,13 +5,14 @@ Thu Mar 21 07:38:15 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- gh-115399 & gh-115398: bundled libexpat was updated to 2.6.0
to address CVE-2023-52425, and control of the new reparse
deferral functionality was exposed with new APIs
(bsc#1219559).
- gh-109858: zipfile is now protected from the “quoted-overlap”
zipbomb to address CVE-2024-0450. It now raises BadZipFile
when attempting to read an entry that overlaps with another
entry or central directory
entry or central directory. (bsc#1221854)
- gh-91133: tempfile.TemporaryDirectory cleanup no longer
dereferences symlinks when working around file system
permission errors to address CVE-2023-6597
permission errors to address CVE-2023-6597 (bsc#1219666)
- gh-115197: urllib.request no longer resolves the hostname
before checking it against the systems proxy bypass list on
macOS and Windows
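Review bot: the bug references in the entries touched here are punctuated three different ways. The new zipfile line reads "entry or central directory. (bsc#1221854)" with the period before the parenthesis, the new tempfile line reads "CVE-2023-6597 (bsc#1219666)" with no period, and the untouched libexpat entry above closes with "(bsc#1219559)." and the period after. Pick one form, preferably the existing "(bsc#NNNNNNN)." one, so that scripts and reviewers matching CVE-to-bsc pairs in the changes file see a uniform pattern. The gh-115197 urllib.request entry at the end of the hunk still carries no tracker reference; if a bsc number exists for it, add it in this same change.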