python-interpreters/python311
SHA256
6
0
Fork 0
forked from pool/python311
Code Pull Requests Activity

- Fix changelog

Browse Source 
(renamed from CVE-2024-8088-zipfile-Path-sanitization.patch)
  - CVE-2024-6232-ReDOS-backtrack-tarfile.patch
  - CVE-2024-7592-quad-complex-cookies.patch
  * CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
- Remove upstreamed patches:
  - CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=151
This commit is contained in:
Matej Cepl
2024-12-02 22:50:54 +00:00
committed by Git OBS Bridge
parent f0c17ca54e
commit 41577a6efe
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
python311.changes
View File

@@ -1,3 +1,8 @@
-------------------------------------------------------------------
Mon Dec 2 22:50:07 UTC 2024 - Matej Cepl <mcepl@suse.com>
- Fix changelog
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Nov 11 12:43:40 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com> Mon Nov 11 12:43:40 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
@@ -99,6 +104,9 @@ Mon Sep 9 16:53:07 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
- CVE-2024-4032-private-IP-addrs.patch - CVE-2024-4032-private-IP-addrs.patch
- CVE-2024-6923-email-hdr-inject.patch - CVE-2024-6923-email-hdr-inject.patch
- CVE-2024-8088-inf-loop-zipfile_Path.patch - CVE-2024-8088-inf-loop-zipfile_Path.patch
(renamed from CVE-2024-8088-zipfile-Path-sanitization.patch)
- CVE-2024-6232-ReDOS-backtrack-tarfile.patch
- CVE-2024-7592-quad-complex-cookies.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Sep 2 09:44:26 UTC 2024 - Matej Cepl <mcepl@cepl.eu> Mon Sep 2 09:44:26 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
@@ -185,6 +193,7 @@ Mon Apr 8 05:44:04 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
- Remove not needed upstream patches: - Remove not needed upstream patches:
* libexpat260.patch * libexpat260.patch
* CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666 * CVE-2023-6597-TempDir-cleaning-symlink.patch, bsc#1219666
* CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
- Update to 3.11.9: - Update to 3.11.9:
* Security * Security
@@ -737,7 +746,8 @@ Thu Feb 8 07:27:40 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
METH_FASTCALL | METH_KEYWORDS calling convention. Only the METH_FASTCALL | METH_KEYWORDS calling convention. Only the
positional parameter count was checked; any keyword argument positional parameter count was checked; any keyword argument
passed would be silently accepted. passed would be silently accepted.
- Remove upstreamed patches:
- CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
- Refresh all patches: - Refresh all patches:
- CVE-2023-27043-email-parsing-errors.patch - CVE-2023-27043-email-parsing-errors.patch
- F00251-change-user-install-location.patch - F00251-change-user-install-location.patch