forked from pool/python310
Fix *.changes
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=123
This commit is contained in:
Git OBS Bridge
@@ -5,13 +5,14 @@ Thu Mar 21 07:38:15 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
|
|||||||
- gh-115399 & gh-115398: bundled libexpat was updated to 2.6.0
|
- gh-115399 & gh-115398: bundled libexpat was updated to 2.6.0
|
||||||
to address CVE-2023-52425, and control of the new reparse
|
to address CVE-2023-52425, and control of the new reparse
|
||||||
deferral functionality was exposed with new APIs
|
deferral functionality was exposed with new APIs
|
||||||
|
(bsc#1219559).
|
||||||
- gh-109858: zipfile is now protected from the “quoted-overlap”
|
- gh-109858: zipfile is now protected from the “quoted-overlap”
|
||||||
zipbomb to address CVE-2024-0450. It now raises BadZipFile
|
zipbomb to address CVE-2024-0450. It now raises BadZipFile
|
||||||
when attempting to read an entry that overlaps with another
|
when attempting to read an entry that overlaps with another
|
||||||
entry or central directory
|
entry or central directory. (bsc#1221854)
|
||||||
- gh-91133: tempfile.TemporaryDirectory cleanup no longer
|
- gh-91133: tempfile.TemporaryDirectory cleanup no longer
|
||||||
dereferences symlinks when working around file system
|
dereferences symlinks when working around file system
|
||||||
permission errors to address CVE-2023-6597
|
permission errors to address CVE-2023-6597 (bsc#1219666)
|
||||||
- gh-115197: urllib.request no longer resolves the hostname
|
- gh-115197: urllib.request no longer resolves the hostname
|
||||||
before checking it against the system’s proxy bypass list on
|
before checking it against the system’s proxy bypass list on
|
||||||
macOS and Windows
|
macOS and Windows
|
||||||
|
|||||||
Reference in New Issue
Block a user