From 1a38434b32897b4b01e2b4a02c2a58ac6e499ff6eb3995f6ea3e2c4f920b33d3 Mon Sep 17 00:00:00 2001
From: Matej Cepl
Date: Fri, 1 Aug 2025 20:21:08 +0000
Subject: [PATCH] update the patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python312?expand=0&rev=156
---
 CVE-2025-8194-tarfile-no-neg-offsets.patch | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/CVE-2025-8194-tarfile-no-neg-offsets.patch b/CVE-2025-8194-tarfile-no-neg-offsets.patch
index c871b66..9950625 100644
--- a/CVE-2025-8194-tarfile-no-neg-offsets.patch
+++ b/CVE-2025-8194-tarfile-no-neg-offsets.patch
@@ -1,4 +1,4 @@
-From 28d130238bfb5604eef4b594d597f7b5ec951eba Mon Sep 17 00:00:00 2001
+From 8f381056d7364b6771b3dce3ebe54dd9f675811b Mon Sep 17 00:00:00 2001
 From: Alexander Urieles
 Date: Mon, 28 Jul 2025 17:37:26 +0200
 Subject: [PATCH] gh-130577: tarfile now validates archives to ensure member
@@ -16,8 +16,8 @@ Co-authored-by: Gregory P. Smith

 Index: Python-3.12.11/Lib/tarfile.py
 ===================================================================
---- Python-3.12.11.orig/Lib/tarfile.py 2025-08-01 22:15:41.880478642 +0200
-+++ Python-3.12.11/Lib/tarfile.py 2025-08-01 22:15:46.019433577 +0200
+--- Python-3.12.11.orig/Lib/tarfile.py 2025-08-01 22:20:38.061933888 +0200
++++ Python-3.12.11/Lib/tarfile.py 2025-08-01 22:20:42.185990406 +0200
 @@ -1614,6 +1614,9 @@
 """Round up a byte count by BLOCKSIZE and return it,
 e.g. _block(834) => 1024.
@@ -30,8 +30,8 @@ Index: Python-3.12.11/Lib/tarfile.py
 blocks += 1
 Index: Python-3.12.11/Lib/test/test_tarfile.py
 ===================================================================
---- Python-3.12.11.orig/Lib/test/test_tarfile.py 2025-08-01 22:15:43.627892675 +0200
-+++ Python-3.12.11/Lib/test/test_tarfile.py 2025-08-01 22:15:46.020296822 +0200
+--- Python-3.12.11.orig/Lib/test/test_tarfile.py 2025-08-01 22:20:39.792514772 +0200
++++ Python-3.12.11/Lib/test/test_tarfile.py 2025-08-01 22:20:42.187347433 +0200
 @@ -50,6 +50,7 @@
 xzname = os.path.join(TEMPDIR, "testtar.tar.xz")
 tmpname = os.path.join(TEMPDIR, "tmp.tar")
@@ -205,7 +205,7 @@ Index: Python-3.12.11/Lib/test/test_tarfile.py
 Index: Python-3.12.11/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst
 ===================================================================
 --- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ Python-3.12.11/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst 2025-08-01 22:15:46.020814210 +0200
++++ Python-3.12.11/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst 2025-08-01 22:20:42.187819145 +0200
 @@ -0,0 +1,3 @@
 +:mod:`tarfile` now validates archives to ensure member offsets are
 +non-negative. (Contributed by Alexander Enrique Urieles Nieto in