python-interpreters/python311
SHA256
6
0
Fork 0
forked from pool/python311
Code Pull Requests Activity

- Add CVE-2024-6923-email-hdr-inject.patch to prevent email

Browse Source 
header injection due to unquoted newlines (bsc#1228780,
  CVE-2024-6923).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=136
This commit is contained in:
Matej Cepl
2024-08-07 12:14:54 +00:00
committed by Git OBS Bridge
parent 7a43c0a133
commit 763dd72636
3 changed files with 379 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python311.spec
View File

@@ -177,6 +177,9 @@ Patch18: CVE-2024-4032-private-IP-addrs.patch
# PATCH-FIX-UPSTREAM bso1227999-reproducible-builds.patch bsc#1227999 mcepl@suse.com
# reproducibility patches
Patch19: bso1227999-reproducible-builds.patch
# PATCH-FIX-UPSTREAM CVE-2024-6923-email-hdr-inject.patch bsc#1228780 mcepl@suse.com
# prevent email header injection, patch from gh#python/cpython!122608
Patch20: CVE-2024-6923-email-hdr-inject.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@@ -440,6 +443,7 @@ other applications.
%patch -p1 -P 17
%patch -p1 -P 18
%patch -p1 -P 19
%patch -p1 -P 20
# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac