From 731de3831085c9499e61641702b3711e3ea2720faf728f14b3ebe1ea09ae267b Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Fri, 22 Mar 2024 09:05:09 +0000 Subject: [PATCH] Fix *.changes OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python39?expand=0&rev=177 --- python39.changes | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/python39.changes b/python39.changes index d050b6f..ef42d5e 100644 --- a/python39.changes +++ b/python39.changes @@ -4,7 +4,7 @@ Thu Mar 21 20:24:05 UTC 2024 - Matej Cepl - Update to 3.9.19: - Security - gh-115398: Allow controlling Expat >=2.6.0 reparse deferral - (CVE-2023-52425) by adding five new methods: + (CVE-2023-52425, bsc#1219559) by adding five new methods: xml.etree.ElementTree.XMLParser.flush() xml.etree.ElementTree.XMLPullParser.flush() xml.parsers.expat.xmlparser.GetReparseDeferralEnabled() @@ -25,8 +25,9 @@ Thu Mar 21 20:24:05 UTC 2024 - Matej Cepl specific value (UINT_MAX). Fix an integer overflow in socket.if_indextoname() on 64-bit non-Windows platforms. - gh-109858: Protect zipfile from “quoted-overlap” - zipbomb. It now raises BadZipFile when try to read an entry - that overlaps with other entry or central directory. + zipbomb. It now raises BadZipFile when try to read an + entry that overlaps with other entry or central directory + (CVE-2024-0450, bsc#1221854). - gh-107077: Seems that in some conditions, OpenSSL will return SSL_ERROR_SYSCALL instead of SSL_ERROR_SSL when a certification verification has failed, but @@ -36,7 +37,8 @@ Thu Mar 21 20:24:05 UTC 2024 - Matej Cepl ssl.SSLCertVerificationError. Patch by Pablo Galindo - gh-91133: Fix a bug in tempfile.TemporaryDirectory cleanup, which now no longer dereferences symlinks when working - around file system permission errors. + around file system permission errors (CVE-2023-6597, + bsc#1219666). - Documentation - gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML vulnerabilities”.
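Review bot: The subject "Fix *.changes" does not say what was wrong; in the first hunk the gh-115398 line only gains bsc#1219559 next to CVE-2023-52425, and the other two hunks make the same kind of edit. A subject that says CVE and bsc# references were added to the 3.9.19 entry would make the change findable in the log.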
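Review bot: In the gh-109858 hunk the rewrapped sentence still reads "when try to read an entry that overlaps with other entry". Since these lines are being rewritten anyway, consider "when trying to read an entry that overlaps with another entry or the central directory", unless the wording is deliberately kept verbatim from the upstream changelog.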
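Review bot: In the gh-91133 hunk the added reference is split across two lines, "(CVE-2023-6597," and "bsc#1219666).", while the other two hunks keep the CVE and bsc# pair on a single line, so a line-based search for the pair sees only half of it here. Put "(CVE-2023-6597, bsc#1219666)." on its own continuation line, as was done for CVE-2024-0450.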