- Security
  - gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
  - Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138 (bsc#1244059), CVE-2025-4330 (bsc#1244060), and CVE-2025-4517 (bsc#1244032).
  - gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler (CVE-2025-4516, bsc#1243273).
  - gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.
  - gh-80222: Fix bug in the folding of quoted strings when flattening an email message using a modern email policy. Previously when a quoted string was folded so that it spanned more than one line, the surrounding quotes and internal escapes would be omitted. This could theoretically be used to spoof header lines using a carefully constructed quoted string if the resulting rendered email was transmitted or re-parsed.
- Library
  - gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address.
  - gh-134062: ipaddress: fix collisions in __hash__() for IPv4Network and IPv6Network objects.
  - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output according to RFC 3596, §2.5. Patch by Bénédikt Tran.
  - bpo-43633: Improve the textual representation of

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python39?expand=0&rev=233
{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "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"}, "tlogEntries": [{"logIndex": "228949549", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1748978445", "inclusionPromise": {"signedEntryTimestamp": "MEUCIQCNuRResQCE4b2mA5/+gTwctji/1qL67SbeaciSlgj6NQIgE7vY0Fdoem2aODoKaHoieIRo89rcg7mX2mZL3B/XYh8="}, "inclusionProof": {"logIndex": "107045287", "rootHash": "hgR6aB6kU+T1uo4iUx75tlIhKkYbUyPsHac2yhFgZpE=", "treeSize": "107045297", "hashes": ["31ltlTE5JIioyJ8rdH3OjwO9d3Us17sfd29GleLF5J0=", "AkqFsr2XZZPs2xu+kw64e2CheTwS6pgmH1DXBgpJfAo=", "LJsE/B9ZOF5PmmdxEQjiLmyHEEzfGmsX9HiXp3ZTiTU=", "VEnlDOQVZn3+NExF7G53geFQZYNf6U5DexkG4vgRlLQ=", "auvWhUrmnBq8g0KEcbAMvjyfrOYhAmiC5+yXjoBsGiw=", "8Cr3zC0dQe124OAQufmKfTZ8lnAYWQuw6AnXuy6DDMQ=", "tbcHjIX6G446NLcoiLw+hjALDmPwWWErWEOvrndCH7Q=", "Bj4reJ88xQpUq0P43RDNLi1sLcLaEeH443F87S4CHoc=", "mAX/zvx1jR0ujLtDApsQpHyxmoDGidClHMOn0BX1aQA=", "u5LKLBPTYgXZg0fBi6/8LuEeNy3EBAxJF0AkkB4Co6E=", "SPUVncwJRVX/n/RICCYqLpAzraqx7S0eMdXRr1RLRgg=", "uEJFtwcGQJMd9kjQhkXb7gl2WD3WMElCc15uDFvFGxs=", "VdOKzpQhJlpXgijzXANf/hNlje1G/N1kUuVnKNskkso=", "mta5fH/gFwxJ/0fT8yGpn3sFCY0G1RY555Iflm0LInM=", "7v8qPHNDLerpduaMx06eb/MwgoQwczTn/cYGKX/9wZ4="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n107045297\nhgR6aB6kU+T1uo4iUx75tlIhKkYbUyPsHac2yhFgZpE=\n\n\u2014 rekor.sigstore.dev wNI9ajBFAiEAqS6BBP1515FNbJUk/993J1ftsTnoVvZ3qFtXGB5WT6cCIGjBPbInr7P6zATImuD6RaTQfWxcPpmcquKCZbAnIseq\n"}}, "canonicalizedBody": 
"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI2MWE0MjkxOWUxM2Q1MzlmNzY3M2NmMTFkMWM0MDQzODBlMjhlNTQwNTEwODYwYjlkMjQyMTk2ZTE2NTcwOWM5In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FUUNJRVJHRUpUU0RXOVhjR0lDbFZKVXdXOFcyeTlHdVRIQnNJUXozTE9pVkU1R0FpQWFINnVTdVBSNmYvbURkeXN0Q1JLZWVreWdrVmZvQ3gyekJGWGVNRUNxNEE9PSIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVTXdSRU5EUVd4WFowRjNTVUpCWjBsVlJ6SXlPVkpMYUVsV1NFaE9hSElyWWxwV05UVlFPRVl2U21sWmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcFZkMDVxUVhwTlZHdDVUVVJSTVZkb1kwNU5hbFYzVG1wQmVrMVVhM3BOUkZFeFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZJUVdScmF6TkhiVkZUVkV4SVlVRXpjV2R6T0UxMGJ6azNUMU5XWWxab1lVNWllbE1LUmpKbFlYUm5SRWxMU2xWclZVWTVRa1p4ZUN0U1MxWlpZa2hWTlVaUlNraGtkMEUxVkRZM1QyWm9ZVVJaU0dsNVlYRlBRMEZZVVhkblowWjNUVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZoUWpCSUNtMUpielk1U1ZSdVZUa3hjbmwxZVVGTFV6Um9jMkpuZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDBoUldVUldVakJTUVZGSUwwSkNUWGRGV1VWUVlraFdjbGxZVGpaUlIzaG9ZbTFrYUV4dVFuTk5RM2RIUTJselIwRlJVVUpuTnpoM1FWRkZSUXBJYldnd1pFaENlazlwT0haYU1td3dZVWhXYVV4dFRuWmlVemx6WWpKa2NHSnBPWFpaV0ZZd1lVUkJkVUpuYjNKQ1owVkZRVmxQTDAxQlJVbENRMEZOQ2todGFEQmtTRUo2VDJrNGRsb3liREJoU0ZacFRHMU9kbUpUT1hOaU1tUndZbWs1ZGxsWVZqQmhSRU5DYVhkWlMwdDNXVUpDUVVoWFpWRkpSVUZuVWprS1FraHpRV1ZSUWpOQlRqQTVUVWR5UjNoNFJYbFplR3RsU0Vwc2JrNTNTMmxUYkRZME0ycDVkQzgwWlV0amIwRjJTMlUyVDBGQlFVSnNlbU01VEZwM1FRcEJRVkZFUVVWbmQxSm5TV2hCUzFaNFJFcHViMjF6VjBwaFdFaHpTMHQxTVRseFZuWm1ZVkJ1ZDBzMVdWRllSMjlKT1ZOTGJpdE9Ta0ZwUlVFclEweHNDalV2VmtSTlV5dFZUVlk0VG1nck9EbEtNbnBqY0dONWNFVm9kelpETkhSWE1VSkRRM1ZFUVhkRFoxbEpTMjlhU1hwcU1FVkJkMDFFWVZGQmQxcG5TWGdLUVVsRGRHNTNWVzlzWTAweFoyczNTa0p
oYlhaR1RWTjNPVXN4V1Zob1ZHRkZjbWRVVmxSc1Nrc3JjRlo1TjBkdWRVYzVjMFprUWtGdk1XTjFNbXc0U3dwd2QwbDRRVkJoTUhNeVlqWmpielp3VVdaSWVGaGlWRUZFUW5Od05GZFVObGx0YVZjM1FTczVNa3BzZDFrNE4zWkVLemRrVURGeVMzcFhNMDVYVWxwUENrVTFRbTV4VVQwOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyJ9fX19"}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "YaQpGeE9U592c88R0cQEOA4o5UBRCGC50kIZbhZXCck="}, "signature": "MEQCIERGEJTSDW9XcGIClVJUwW8W2y9GuTHBsIQz3LOiVE5GAiAaH6uSuPR6f/mDdystCRKeekygkVfoCx2zBFXeMECq4A=="}}