python310

python-interpreters/python310

SHA256

Fork 0

forked from pool/python310

Commit Graph

Author	SHA256	Message	Date
Matěj Cepl	9fe71b82c6	Fix CVE-2025-13836, CVE-2025-12084, and CVE-2025-13837. - Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400, CVE-2025-13836) to prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length. - Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic behavior in node ID cache clearing (CVE-2025-12084, bsc#1254997). - Add CVE-2025-13837-plistlib-mailicious-length.patch protect against OOM when loading malicious content (CVE-2025-13837, bsc#1254401).	2025-12-21 23:14:52 +01:00
Matěj Cepl	d6395a2d78	Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400, CVE-2025-13836) Prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length.	2025-12-18 16:07:31 +01:00

Author

SHA256

Message

Date

Matěj Cepl

9fe71b82c6

Fix CVE-2025-13836, CVE-2025-12084, and CVE-2025-13837.

- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
  CVE-2025-13836) to prevent reading an HTTP response from
  a server, if no read amount is specified, with using
  Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
  behavior in node ID cache clearing (CVE-2025-12084,
  bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
  against OOM when loading malicious content (CVE-2025-13837,
  bsc#1254401).

2025-12-21 23:14:52 +01:00

Matěj Cepl

d6395a2d78

Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400, CVE-2025-13836)

Prevent reading an HTTP response from a server, if no read amount is
specified, with using Content-Length per default as the length.

2025-12-18 16:07:31 +01:00

2 Commits