python-interpreters/python311
SHA256
6
0
Fork 0
forked from pool/python311
Code Pull Requests Activity

- Add CVE-2025-0938-sq-brackets-domain-names.patch which

Browse Source 
disallows square brackets ([ and ]) in domain names for parsed
  URLs (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=158
This commit is contained in:
Matej Cepl
2025-02-04 14:51:05 +00:00
committed by Git OBS Bridge
parent b32fd43b74
commit d128375401
4 changed files with 272 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python311.spec
View File

@@ -189,6 +189,9 @@ Patch19: bso1227999-reproducible-builds.patch
Patch22: gh120226-fix-sendfile-test-kernel-610.patch
# PATCH-FIX-UPSTREAM Add platform triplets for 64-bit LoongArch gh#python/cpython#30939 glaubitz@suse.com
Patch24: add-loongarch64-support.patch
# PATCH-FIX-UPSTREAM CVE-2025-0938-sq-brackets-domain-names.patch bsc#1236705 mcepl@suse.com
# functions `urllib.parse.urlsplit` and `urlparse` accept domain names including square brackets
Patch25: CVE-2025-0938-sq-brackets-domain-names.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@@ -452,6 +455,7 @@ other applications.
%patch -p1 -P 19
%patch -p1 -P 22
%patch -p1 -P 24
%patch -p1 -P 25
# drop Autoconf version requirement
sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac