python-interpreters/python313
SHA256
7
0
Fork 0
forked from pool/python313
Code Pull Requests Activity

Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple

Browse Source 
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
This commit is contained in:
Matej Cepl
2025-11-14 01:47:34 +01:00
parent 308445653b
commit 462b40c126
4 changed files with 401 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
doc-py38-to-py36.patch
View File

@@ -29,7 +29,7 @@
Index: Python-3.13.9/Doc/c-api/arg.rst
===================================================================
--- Python-3.13.9.orig/Doc/c-api/arg.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/c-api/arg.rst 2025-11-04 17:41:42.876411055 +0100
+++ Python-3.13.9/Doc/c-api/arg.rst 2025-11-15 19:05:35.486003809 +0100
@@ -334,7 +334,6 @@
should raise an exception and leave the content of *address* unmodified.
@@ -41,7 +41,7 @@ Index: Python-3.13.9/Doc/c-api/arg.rst
Index: Python-3.13.9/Doc/c-api/typeobj.rst
===================================================================
--- Python-3.13.9.orig/Doc/c-api/typeobj.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/c-api/typeobj.rst 2025-11-04 17:41:42.877033887 +0100
+++ Python-3.13.9/Doc/c-api/typeobj.rst 2025-11-15 19:05:35.486669265 +0100
@@ -610,7 +610,7 @@
Functions like :c:func:`PyObject_NewVar` will take the value of N as an
argument, and store in the instance's :c:member:`~PyVarObject.ob_size` field.
@@ -74,8 +74,8 @@ Index: Python-3.13.9/Doc/c-api/typeobj.rst
usually defined by the macro :c:macro:`PyObject_HEAD` or
Index: Python-3.13.9/Doc/conf.py
===================================================================
--- Python-3.13.9.orig/Doc/conf.py 2025-11-04 17:39:03.414159687 +0100
+++ Python-3.13.9/Doc/conf.py 2025-11-04 17:41:42.877735198 +0100
--- Python-3.13.9.orig/Doc/conf.py 2025-11-15 19:05:17.219510876 +0100
+++ Python-3.13.9/Doc/conf.py 2025-11-15 19:05:35.487216966 +0100
@@ -11,6 +11,8 @@
from importlib import import_module
from importlib.util import find_spec
@@ -150,7 +150,7 @@ Index: Python-3.13.9/Doc/conf.py
Index: Python-3.13.9/Doc/library/doctest.rst
===================================================================
--- Python-3.13.9.orig/Doc/library/doctest.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/library/doctest.rst 2025-11-04 17:41:42.878188221 +0100
+++ Python-3.13.9/Doc/library/doctest.rst 2025-11-15 19:05:35.487565478 +0100
@@ -310,7 +310,6 @@
.. currentmodule:: None
@@ -162,7 +162,7 @@ Index: Python-3.13.9/Doc/library/doctest.rst
Index: Python-3.13.9/Doc/library/email.compat32-message.rst
===================================================================
--- Python-3.13.9.orig/Doc/library/email.compat32-message.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/library/email.compat32-message.rst 2025-11-04 17:41:42.878726754 +0100
+++ Python-3.13.9/Doc/library/email.compat32-message.rst 2025-11-15 19:05:35.488062824 +0100
@@ -7,7 +7,6 @@
:synopsis: The base class representing email messages in a fashion
backward compatible with Python 3.2
@@ -174,7 +174,7 @@ Index: Python-3.13.9/Doc/library/email.compat32-message.rst
Index: Python-3.13.9/Doc/library/xml.etree.elementtree.rst
===================================================================
--- Python-3.13.9.orig/Doc/library/xml.etree.elementtree.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/library/xml.etree.elementtree.rst 2025-11-04 17:41:42.879107050 +0100
+++ Python-3.13.9/Doc/library/xml.etree.elementtree.rst 2025-11-15 19:05:35.488397717 +0100
@@ -873,7 +873,6 @@
.. module:: xml.etree.ElementTree
@@ -186,7 +186,7 @@ Index: Python-3.13.9/Doc/library/xml.etree.elementtree.rst
Index: Python-3.13.9/Doc/tools/check-warnings.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/check-warnings.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/check-warnings.py 2025-11-04 17:41:42.879425179 +0100
+++ Python-3.13.9/Doc/tools/check-warnings.py 2025-11-15 19:05:35.488779823 +0100
@@ -228,7 +228,8 @@
print(filename)
for warning in warnings:
@@ -209,7 +209,7 @@ Index: Python-3.13.9/Doc/tools/check-warnings.py
Index: Python-3.13.9/Doc/tools/extensions/audit_events.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/audit_events.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/audit_events.py 2025-11-04 17:41:42.879679368 +0100
+++ Python-3.13.9/Doc/tools/extensions/audit_events.py 2025-11-15 19:06:08.173461550 +0100
@@ -1,9 +1,6 @@
"""Support for documenting audit events."""
@@ -348,7 +348,7 @@ Index: Python-3.13.9/Doc/tools/extensions/audit_events.py
Index: Python-3.13.9/Doc/tools/extensions/availability.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/availability.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/availability.py 2025-11-04 17:41:42.879900324 +0100
+++ Python-3.13.9/Doc/tools/extensions/availability.py 2025-11-15 19:05:35.489361677 +0100
@@ -1,8 +1,6 @@
"""Support for documenting platform availability"""
@@ -405,7 +405,7 @@ Index: Python-3.13.9/Doc/tools/extensions/availability.py
Index: Python-3.13.9/Doc/tools/extensions/c_annotations.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/c_annotations.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/c_annotations.py 2025-11-04 17:41:42.880074051 +0100
+++ Python-3.13.9/Doc/tools/extensions/c_annotations.py 2025-11-15 19:05:35.489596486 +0100
@@ -9,22 +9,26 @@
* Set ``stable_abi_file`` to the path to stable ABI list.
"""
@@ -546,7 +546,7 @@ Index: Python-3.13.9/Doc/tools/extensions/c_annotations.py
Index: Python-3.13.9/Doc/tools/extensions/changes.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/changes.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/changes.py 2025-11-04 17:41:42.880259370 +0100
+++ Python-3.13.9/Doc/tools/extensions/changes.py 2025-11-15 19:05:35.489833391 +0100
@@ -1,7 +1,5 @@
"""Support for documenting version of changes, additions, deprecations."""
@@ -585,7 +585,7 @@ Index: Python-3.13.9/Doc/tools/extensions/changes.py
Index: Python-3.13.9/Doc/tools/extensions/glossary_search.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/glossary_search.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/glossary_search.py 2025-11-04 17:41:42.880446332 +0100
+++ Python-3.13.9/Doc/tools/extensions/glossary_search.py 2025-11-15 19:05:35.490015958 +0100
@@ -1,21 +1,27 @@
"""Feature search results for glossary items prominently."""
@@ -632,7 +632,7 @@ Index: Python-3.13.9/Doc/tools/extensions/glossary_search.py
Index: Python-3.13.9/Doc/tools/extensions/implementation_detail.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/implementation_detail.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/implementation_detail.py 2025-11-04 17:41:42.880613957 +0100
+++ Python-3.13.9/Doc/tools/extensions/implementation_detail.py 2025-11-15 19:05:35.490207325 +0100
@@ -1,17 +1,10 @@
"""Support for marking up implementation details."""
@@ -686,7 +686,7 @@ Index: Python-3.13.9/Doc/tools/extensions/implementation_detail.py
Index: Python-3.13.9/Doc/tools/extensions/issue_role.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/issue_role.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/issue_role.py 2025-11-04 17:41:42.880769320 +0100
+++ Python-3.13.9/Doc/tools/extensions/issue_role.py 2025-11-15 19:05:35.490431029 +0100
@@ -1,22 +1,18 @@
"""Support for referencing issues in the tracker."""
@@ -735,7 +735,7 @@ Index: Python-3.13.9/Doc/tools/extensions/issue_role.py
Index: Python-3.13.9/Doc/tools/extensions/misc_news.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/misc_news.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/misc_news.py 2025-11-04 17:41:42.880942406 +0100
+++ Python-3.13.9/Doc/tools/extensions/misc_news.py 2025-11-15 19:05:35.490636365 +0100
@@ -1,7 +1,5 @@
"""Support for including Misc/NEWS."""
@@ -791,7 +791,7 @@ Index: Python-3.13.9/Doc/tools/extensions/misc_news.py
Index: Python-3.13.9/Doc/tools/extensions/patchlevel.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/patchlevel.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/patchlevel.py 2025-11-04 17:41:42.881098319 +0100
+++ Python-3.13.9/Doc/tools/extensions/patchlevel.py 2025-11-15 19:05:35.490875504 +0100
@@ -3,7 +3,7 @@
import re
import sys
@@ -832,7 +832,7 @@ Index: Python-3.13.9/Doc/tools/extensions/patchlevel.py
Index: Python-3.13.9/Doc/tools/extensions/pydoc_topics.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/pydoc_topics.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/pydoc_topics.py 2025-11-04 17:41:42.881251888 +0100
+++ Python-3.13.9/Doc/tools/extensions/pydoc_topics.py 2025-11-15 19:05:35.491097253 +0100
@@ -1,21 +1,23 @@
"""Support for building "topic help" for pydoc."""