python-interpreters/python311
SHA256
6
0
Fork 0
forked from pool/python311
Code Pull Requests Activity

- Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid

Browse Source 
CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding
  extremely long domain names.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=38
This commit is contained in:
Matej Cepl
2022-11-09 18:37:56 +00:00
committed by Git OBS Bridge
parent c6df50684c
commit 03d1be1616
3 changed files with 97 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python311.spec
View File

@@ -169,6 +169,9 @@ Patch36: support-expat-CVE-2022-25236-patched.patch
# PATCH-FIX-UPSTREAM 98437-sphinx.locale._-as-gettext-in-pyspecific.patch gh#python/cpython#98366 mcepl@suse.com
# this patch makes things totally awesome
Patch37: 98437-sphinx.locale._-as-gettext-in-pyspecific.patch
# PATCH-FIX-UPSTREAM CVE-2022-45061-DoS-by-IDNA-decode.patch bsc#1205244 mcepl@suse.com
# Avoid DoS by decoding IDNA for too long domain names
Patch38: CVE-2022-45061-DoS-by-IDNA-decode.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@@ -436,6 +439,7 @@ other applications.
%patch35 -p1
%patch36 -p1
%patch37 -p1
%patch38 -p1
# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac