python-interpreters/python310
SHA256
6
0
Fork 0
forked from pool/python310
Code Pull Requests Activity
238 Commits 1 Branch 0 Tags
9fe71b82c6ef2ff67675dd29a826fc03422401ceb7729767876384a8deb10ae5
Commit Graph

3 Commits

Author SHA256 Message Date
Matěj Cepl
9fe71b82c6 Fix CVE-2025-13836, CVE-2025-12084, and CVE-2025-13837. 
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
  CVE-2025-13836) to prevent reading an HTTP response from
  a server, if no read amount is specified, with using
  Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
  behavior in node ID cache clearing (CVE-2025-12084,
  bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
  against OOM when loading malicious content (CVE-2025-13837,
  bsc#1254401).
 2025-12-21 23:14:52 +01:00
Matej Cepl
c1c3249a12 - Add CVE-2025-4516-DecodeError-handler.patch fixing 
CVE-2025-4516 (bsc#1243273) blocking DecodeError handling
  vulnerability, which could lead to DoS.

- Use extended %autopatch.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=179
 2025-05-30 15:54:19 +00:00
Matej Cepl
0ceefbe459 - Use extended %%autopatch 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python310?expand=0&rev=177
 2025-05-22 13:04:12 +00:00