Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple

quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). Readjusted patches: - CVE-2023-52425-libexpat-2.6.0-backport.patch - fix_configure_rst.patch - sphinx-72.patch
2025-11-15 19:23:28 +01:00
parent f468709d9f
commit fcca9be604
6 changed files with 936 additions and 409 deletions
--- a/python310.spec
+++ b/python310.spec
@@ -204,6 +204,9 @@ Patch27:        gh120226-fix-sendfile-test-kernel-610.patch
 Patch28:        sphinx-802.patch
 # PATCH-FIX-OPENSUSE gh139257-Support-docutils-0.22.patch gh#python/cpython#139257 daniel.garcia@suse.com
 Patch29:        gh139257-Support-docutils-0.22.patch
+# PATCH-FIX-UPSTREAM CVE-2025-6075-expandvars-perf-degrad.patch bsc#1252974 mcepl@suse.com
+# Avoid potential quadratic complexity vulnerabilities in path modules
+Patch30:        CVE-2025-6075-expandvars-perf-degrad.patch
 BuildRequires:  autoconf-archive
 BuildRequires:  automake
 BuildRequires:  fdupes