pool/python310
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
python310/Python-3.10.12.tar.xz
Matej Cepl 402f3ae924 - Update to 3.10.12: 
- gh-103142: The version of OpenSSL used in Windows and
    Mac installers has been upgraded to 1.1.1u to address
    CVE-2023-2650, CVE-2023-0465, CVE-2023-0466, CVE-2023-0464,
    as well as CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303
    fixed previously in 1.1.1t (gh-101727).
  - gh-102153: urllib.parse.urlsplit() now strips leading C0
    control and space characters following the specification for
    URLs defined by WHATWG in response to CVE-2023-24329.
  - gh-99889: Fixed a security in flaw in uu.decode() that could
    allow for directory traversal based on the input if no
    out_file was specified.
  - gh-104049: Do not expose the local on-disk
    location in directory indexes produced by
    http.client.SimpleHTTPRequestHandler.
  - gh-103935: trace.__main__ now uses io.open_code() for files
    to be executed instead of raw open().
  - gh-102953: The extraction methods in tarfile, and
    shutil.unpack_archive(), have a new filter argument that
    allows limiting tar features than may be surprising or
    dangerous, such as creating files outside the destination
    directory. See Extraction filters for details.
- Remove upstreamed patches:
  - CVE-2007-4559-filter-tarfile_extractall.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=95
2023-06-28 17:56:56 +00:00

4 lines
133 B
Plaintext
Raw Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:afb74bf19130e7a47d10312c8f5e784f24e0527981eab68e20546cfb865830b8
size 19654836
Reference in New Issue View Git Blame Copy Permalink