forked from pool/python311
Matej Cepl
28749a59dd
- Security
- gh-135034: Fixes multiple issues that allowed tarfile
extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
(bsc#1244059), CVE-2025-4330 (bsc#1244060), and
CVE-2025-4517 (bsc#1244032).
- gh-133767: Fix use-after-free in the “unicode-escape”
decoder with a non-“strict” error handler (CVE-2025-4516,
bsc#1243273).
- gh-128840: Short-circuit the processing of long IPv6
addresses early in ipaddress to prevent excessive memory
consumption and a minor denial-of-service.
- Library
- gh-128840: Fix parsing long IPv6 addresses with embedded
IPv4 address.
- gh-134062: ipaddress: fix collisions in __hash__() for
IPv4Network and IPv6Network objects.
- gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
according to RFC 3596, §2.5. Patch by Bénédikt Tran.
- bpo-43633: Improve the textual representation of
IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)
in ipaddress. Patch by Oleksandr Pavliuk.
- Remove upstreamed patches:
- gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch
- CVE-2025-4516-DecodeError-handler.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=183
14 lines
522 B
Diff
14 lines
522 B
Diff
Index: Python-3.11.8/Lib/site.py
|
|
===================================================================
|
|
--- Python-3.11.8.orig/Lib/site.py
|
|
+++ Python-3.11.8/Lib/site.py
|
|
@@ -77,7 +77,7 @@ import io
|
|
import stat
|
|
|
|
# Prefixes for site-packages; add additional prefixes like /usr/local here
|
|
-PREFIXES = [sys.prefix, sys.exec_prefix]
|
|
+PREFIXES = [sys.prefix, sys.exec_prefix, '/usr/local']
|
|
# Enable per user site-packages directory
|
|
# set it to False to disable the feature or True to force the feature
|
|
ENABLE_USER_SITE = None
|