From 49cc3ffe027a530f6b874ecd561b155b2723b3a3ba657291c03f32e6881f882d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?=
Date: Sat, 15 Nov 2025 19:23:28 +0100
Subject: [PATCH] Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). Readjusted patches: - CVE-2023-52425-libexpat-2.6.0-backport.patch - fix_configure_rst.patch - sphinx-72.patch
---
CVE-2023-52425-libexpat-2.6.0-backport.patch | 1 -
CVE-2025-6075-expandvars-perf-degrad.patch | 3 +++
2 files changed, 3 insertions(+), 1 deletion(-)
create mode 100644 CVE-2025-6075-expandvars-perf-degrad.patch
diff --git a/CVE-2023-52425-libexpat-2.6.0-backport.patch b/CVE-2023-52425-libexpat-2.6.0-backport.patch
index 25e068f..3a85ec1 100644
--- a/CVE-2023-52425-libexpat-2.6.0-backport.patch
+++ b/CVE-2023-52425-libexpat-2.6.0-backport.patch
@@ -54,4 +54,3 @@ + 'support reparse deferral') def test_flush_reparse_deferral_disabled(self): parser = ET.XMLPullParser(events=('start', 'end')) -
diff --git a/CVE-2025-6075-expandvars-perf-degrad.patch b/CVE-2025-6075-expandvars-perf-degrad.patch
new file mode 100644
index 0000000..58e9a1c
--- /dev/null
+++ b/CVE-2025-6075-expandvars-perf-degrad.patch
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:65ff21aa2aa8697917d16269efe04e6f60e5943604f09a44623924445048b17f
+size 12663
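Review bot: The actual CVE-2025-6075 fix for `os.path.expandvars()` cannot be reviewed from this commit, because the new file in the last hunk is only a Git LFS pointer (`version`, `oid sha256:…`, `size 12663`). The 12663-byte object should be fetched and checked against the recorded digest, for example with `git lfs fsck`, and its content read before approval. The diffstat lists two files and neither is a spec or changelog, so nothing visible here applies the new patch during the build. Presumably a `Patch<N>: CVE-2025-6075-expandvars-perf-degrad.patch` entry (the number is a placeholder) is added elsewhere; that should be confirmed. The description also names `fix_configure_rst.patch` and `sphinx-72.patch` as readjusted, yet neither appears in the diffstat.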