python-interpreters/python310
SHA256
6
0
Fork 0
forked from pool/python310
Code Pull Requests Activity

- CVE-2023-24329-blank-URL-bypass.patch

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=96
This commit is contained in:
Matej Cepl
2023-06-28 17:58:17 +00:00
committed by Git OBS Bridge
parent 402f3ae924
commit 24b222e77c
3 changed files with 1 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
python310.spec
View File

@@ -166,10 +166,6 @@ Patch35: fix_configure_rst.patch
# PATCH-FIX-UPSTREAM bpo-46811 gh#python/cpython#7da97f61816f mcepl@suse.com
# NOTE: SUSE version of expat 2.4.4 is patched in SUSE for CVE-2022-25236
Patch36: support-expat-CVE-2022-25236-patched.patch
# PATCH-FIX-UPSTREAM CVE-2023-24329-blank-URL-bypass.patch bsc#1208471 mcepl@suse.com
# blocklist bypass via the urllib.parse component when supplying
# a URL that starts with blank characters
Patch37: CVE-2023-24329-blank-URL-bypass.patch
# PATCH-FIX-UPSTREAM bpo-37596-make-set-marshalling.patch bsc#1211765 mcepl@suse.com
# Make `set` and `frozenset` marshalling deterministic
Patch39: bpo-37596-make-set-marshalling.patch
@@ -444,7 +440,6 @@ other applications.
%endif
%patch35 -p1
%patch36 -p1
%patch37 -p1
%patch39 -p1
# drop Autoconf version requirement