python-interpreters/python313
SHA256
6
0
Fork 0
forked from pool/python313
Code Pull Requests Activity

Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple

Browse Source 
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
This commit is contained in:
Matej Cepl
2025-11-14 01:47:34 +01:00
parent 308445653b
commit e3180f4ab3
4 changed files with 416 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

373
CVE-2025-6075-expandvars-perf-degrad.patch Normal file
View File

@@ -0,0 +1,373 @@
From 4fc21099da844f85b799d3c4c8b1b5936faa4cdc Mon Sep 17 00:00:00 2001
From: Serhiy Storchaka <storchaka@gmail.com>
Date: Fri, 31 Oct 2025 15:49:51 +0200
Subject: [PATCH 1/2] [3.13] gh-136065: Fix quadratic complexity in
os.path.expandvars() (GH-134952) (cherry picked from commit
f029e8db626ddc6e3a3beea4eff511a71aaceb5c)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
---
Lib/ntpath.py | 126 +++-------
Lib/posixpath.py | 43 +--
Lib/test/test_genericpath.py | 21 +
Lib/test/test_ntpath.py | 22 +
Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst | 1
5 files changed, 96 insertions(+), 117 deletions(-)
create mode 100644 Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst
Index: Python-3.13.9/Lib/ntpath.py
===================================================================
--- Python-3.13.9.orig/Lib/ntpath.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Lib/ntpath.py 2025-11-14 01:47:08.155405483 +0100
@@ -400,17 +400,23 @@
# XXX With COMMAND.COM you can use any characters in a variable name,
# XXX except '^|<>='.
+_varpattern = r"'[^']*'?|%(%|[^%]*%?)|\$(\$|[-\w]+|\{[^}]*\}?)"
+_varsub = None
+_varsubb = None
+
def expandvars(path):
"""Expand shell variables of the forms $var, ${var} and %var%.
Unknown variables are left unchanged."""
path = os.fspath(path)
+ global _varsub, _varsubb
if isinstance(path, bytes):
if b'$' not in path and b'%' not in path:
return path
- import string
- varchars = bytes(string.ascii_letters + string.digits + '_-', 'ascii')
- quote = b'\''
+ if not _varsubb:
+ import re
+ _varsubb = re.compile(_varpattern.encode(), re.ASCII).sub
+ sub = _varsubb
percent = b'%'
brace = b'{'
rbrace = b'}'
@@ -419,94 +425,44 @@
else:
if '$' not in path and '%' not in path:
return path
- import string
- varchars = string.ascii_letters + string.digits + '_-'
- quote = '\''
+ if not _varsub:
+ import re
+ _varsub = re.compile(_varpattern, re.ASCII).sub
+ sub = _varsub
percent = '%'
brace = '{'
rbrace = '}'
dollar = '$'
environ = os.environ
- res = path[:0]
- index = 0
- pathlen = len(path)
- while index < pathlen:
- c = path[index:index+1]
- if c == quote: # no expansion within single quotes
- path = path[index + 1:]
- pathlen = len(path)
- try:
- index = path.index(c)
- res += c + path[:index + 1]
- except ValueError:
- res += c + path
- index = pathlen - 1
- elif c == percent: # variable or '%'
- if path[index + 1:index + 2] == percent:
- res += c
- index += 1
- else:
- path = path[index+1:]
- pathlen = len(path)
- try:
- index = path.index(percent)
- except ValueError:
- res += percent + path
- index = pathlen - 1
- else:
- var = path[:index]
- try:
- if environ is None:
- value = os.fsencode(os.environ[os.fsdecode(var)])
- else:
- value = environ[var]
- except KeyError:
- value = percent + var + percent
- res += value
- elif c == dollar: # variable or '$$'
- if path[index + 1:index + 2] == dollar:
- res += c
- index += 1
- elif path[index + 1:index + 2] == brace:
- path = path[index+2:]
- pathlen = len(path)
- try:
- index = path.index(rbrace)
- except ValueError:
- res += dollar + brace + path
- index = pathlen - 1
- else:
- var = path[:index]
- try:
- if environ is None:
- value = os.fsencode(os.environ[os.fsdecode(var)])
- else:
- value = environ[var]
- except KeyError:
- value = dollar + brace + var + rbrace
- res += value
- else:
- var = path[:0]
- index += 1
- c = path[index:index + 1]
- while c and c in varchars:
- var += c
- index += 1
- c = path[index:index + 1]
- try:
- if environ is None:
- value = os.fsencode(os.environ[os.fsdecode(var)])
- else:
- value = environ[var]
- except KeyError:
- value = dollar + var
- res += value
- if c:
- index -= 1
+
+ def repl(m):
+ lastindex = m.lastindex
+ if lastindex is None:
+ return m[0]
+ name = m[lastindex]
+ if lastindex == 1:
+ if name == percent:
+ return name
+ if not name.endswith(percent):
+ return m[0]
+ name = name[:-1]
else:
- res += c
- index += 1
- return res
+ if name == dollar:
+ return name
+ if name.startswith(brace):
+ if not name.endswith(rbrace):
+ return m[0]
+ name = name[1:-1]
+
+ try:
+ if environ is None:
+ return os.fsencode(os.environ[os.fsdecode(name)])
+ else:
+ return environ[name]
+ except KeyError:
+ return m[0]
+
+ return sub(repl, path)
# Normalize a path, e.g. A//B, A/./B and A/foo/../B all become A\B.
Index: Python-3.13.9/Lib/posixpath.py
===================================================================
--- Python-3.13.9.orig/Lib/posixpath.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Lib/posixpath.py 2025-11-14 01:47:08.155728503 +0100
@@ -284,42 +284,41 @@
# This expands the forms $variable and ${variable} only.
# Non-existent variables are left unchanged.
-_varprog = None
-_varprogb = None
+_varpattern = r'\$(\w+|\{[^}]*\}?)'
+_varsub = None
+_varsubb = None
def expandvars(path):
"""Expand shell variables of form $var and ${var}. Unknown variables
are left unchanged."""
path = os.fspath(path)
- global _varprog, _varprogb
+ global _varsub, _varsubb
if isinstance(path, bytes):
if b'$' not in path:
return path
- if not _varprogb:
+ if not _varsubb:
import re
- _varprogb = re.compile(br'\$(\w+|\{[^}]*\})', re.ASCII)
- search = _varprogb.search
+ _varsubb = re.compile(_varpattern.encode(), re.ASCII).sub
+ sub = _varsubb
start = b'{'
end = b'}'
environ = getattr(os, 'environb', None)
else:
if '$' not in path:
return path
- if not _varprog:
+ if not _varsub:
import re
- _varprog = re.compile(r'\$(\w+|\{[^}]*\})', re.ASCII)
- search = _varprog.search
+ _varsub = re.compile(_varpattern, re.ASCII).sub
+ sub = _varsub
start = '{'
end = '}'
environ = os.environ
- i = 0
- while True:
- m = search(path, i)
- if not m:
- break
- i, j = m.span(0)
- name = m.group(1)
- if name.startswith(start) and name.endswith(end):
+
+ def repl(m):
+ name = m[1]
+ if name.startswith(start):
+ if not name.endswith(end):
+ return m[0]
name = name[1:-1]
try:
if environ is None:
@@ -327,13 +326,11 @@
else:
value = environ[name]
except KeyError:
- i = j
+ return m[0]
else:
- tail = path[j:]
- path = path[:i] + value
- i = len(path)
- path += tail
- return path
+ return value
+
+ return sub(repl, path)
# Normalize a path, e.g. A//B, A/./B and A/foo/../B all become A/B.
Index: Python-3.13.9/Lib/test/test_genericpath.py
===================================================================
--- Python-3.13.9.orig/Lib/test/test_genericpath.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Lib/test/test_genericpath.py 2025-11-14 01:47:08.157575687 +0100
@@ -7,9 +7,9 @@
import sys
import unittest
import warnings
-from test.support import (
- is_apple, is_emscripten, os_helper, warnings_helper
-)
+from test import support
+from test.support import os_helper, is_emscripten
+from test.support import warnings_helper
from test.support.script_helper import assert_python_ok
from test.support.os_helper import FakePath
@@ -446,6 +446,19 @@
os.fsencode('$bar%s bar' % nonascii))
check(b'$spam}bar', os.fsencode('%s}bar' % nonascii))
+ @support.requires_resource('cpu')
+ def test_expandvars_large(self):
+ expandvars = self.pathmodule.expandvars
+ with os_helper.EnvironmentVarGuard() as env:
+ env.clear()
+ env["A"] = "B"
+ n = 100_000
+ self.assertEqual(expandvars('$A'*n), 'B'*n)
+ self.assertEqual(expandvars('${A}'*n), 'B'*n)
+ self.assertEqual(expandvars('$A!'*n), 'B!'*n)
+ self.assertEqual(expandvars('${A}A'*n), 'BA'*n)
+ self.assertEqual(expandvars('${'*10*n), '${'*10*n)
+
def test_abspath(self):
self.assertIn("foo", self.pathmodule.abspath("foo"))
with warnings.catch_warnings():
@@ -503,7 +516,7 @@
# directory (when the bytes name is used).
and sys.platform not in {
"win32", "emscripten", "wasi"
- } and not is_apple
+ } and not support.is_apple
):
name = os_helper.TESTFN_UNDECODABLE
elif os_helper.TESTFN_NONASCII:
Index: Python-3.13.9/Lib/test/test_ntpath.py
===================================================================
--- Python-3.13.9.orig/Lib/test/test_ntpath.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Lib/test/test_ntpath.py 2025-11-14 01:47:08.156225429 +0100
@@ -8,8 +8,7 @@
import warnings
from ntpath import ALLOW_MISSING
from test import support
-from test.support import cpython_only, os_helper
-from test.support import TestFailed, is_emscripten
+from test.support import os_helper, is_emscripten
from test.support.os_helper import FakePath
from test import test_genericpath
from tempfile import TemporaryFile
@@ -59,7 +58,7 @@
fn = fn.replace("\\", "\\\\")
gotResult = eval(fn)
if wantResult != gotResult and _norm(wantResult) != _norm(gotResult):
- raise TestFailed("%s should return: %s but returned: %s" \
+ raise support.TestFailed("%s should return: %s but returned: %s" \
%(str(fn), str(wantResult), str(gotResult)))
# then with bytes
@@ -75,7 +74,7 @@
warnings.simplefilter("ignore", DeprecationWarning)
gotResult = eval(fn)
if _norm(wantResult) != _norm(gotResult):
- raise TestFailed("%s should return: %s but returned: %s" \
+ raise support.TestFailed("%s should return: %s but returned: %s" \
%(str(fn), str(wantResult), repr(gotResult)))
@@ -1022,6 +1021,19 @@
check('%spam%bar', '%sbar' % nonascii)
check('%{}%bar'.format(nonascii), 'ham%sbar' % nonascii)
+ @support.requires_resource('cpu')
+ def test_expandvars_large(self):
+ expandvars = ntpath.expandvars
+ with os_helper.EnvironmentVarGuard() as env:
+ env.clear()
+ env["A"] = "B"
+ n = 100_000
+ self.assertEqual(expandvars('%A%'*n), 'B'*n)
+ self.assertEqual(expandvars('%A%A'*n), 'BA'*n)
+ self.assertEqual(expandvars("''"*n + '%%'), "''"*n + '%')
+ self.assertEqual(expandvars("%%"*n), "%"*n)
+ self.assertEqual(expandvars("$$"*n), "$"*n)
+
def test_expanduser(self):
tester('ntpath.expanduser("test")', 'test')
@@ -1440,7 +1452,7 @@
self.assertTrue(os.path.exists(r"\\.\CON"))
@unittest.skipIf(sys.platform != 'win32', "Fast paths are only for win32")
- @cpython_only
+ @support.cpython_only
def test_fast_paths_in_use(self):
# There are fast paths of these functions implemented in posixmodule.c.
# Confirm that they are being used, and not the Python fallbacks in
Index: Python-3.13.9/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ Python-3.13.9/Misc/NEWS.d/next/Security/2025-05-30-22-33-27.gh-issue-136065.bu337o.rst 2025-11-14 01:47:08.156533642 +0100
@@ -0,0 +1 @@
+Fix quadratic complexity in :func:`os.path.expandvars`.

52
doc-py38-to-py36.patch
View File

@@ -7,6 +7,7 @@
Doc/library/doctest.rst | 1
Doc/library/email.compat32-message.rst | 1
Doc/library/xml.etree.elementtree.rst | 1
Doc/Makefile | 2
Doc/c-api/arg.rst | 1
Doc/c-api/typeobj.rst | 8 +--
Doc/conf.py | 29 ++++++++++---
@@ -24,12 +25,25 @@
Doc/tools/extensions/misc_news.py | 14 ++----
Doc/tools/extensions/patchlevel.py | 9 ++--
Doc/tools/extensions/pydoc_topics.py | 22 +++++-----
17 files changed, 155 insertions(+), 126 deletions(-)
18 files changed, 156 insertions(+), 127 deletions(-)
Index: Python-3.13.9/Doc/Makefile
===================================================================
--- Python-3.13.9.orig/Doc/Makefile 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/Makefile 2025-11-15 22:56:09.080871289 +0100
@@ -14,7 +14,7 @@
SOURCES =
DISTVERSION = $(shell $(PYTHON) tools/extensions/patchlevel.py)
REQUIREMENTS = requirements.txt
-SPHINXERRORHANDLING = --fail-on-warning
+SPHINXERRORHANDLING =
# Internal variables.
PAPEROPT_a4 = --define latex_elements.papersize=a4paper
Index: Python-3.13.9/Doc/c-api/arg.rst
===================================================================
--- Python-3.13.9.orig/Doc/c-api/arg.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/c-api/arg.rst 2025-11-04 17:41:42.876411055 +0100
+++ Python-3.13.9/Doc/c-api/arg.rst 2025-11-15 22:55:47.005463838 +0100
@@ -334,7 +334,6 @@
should raise an exception and leave the content of *address* unmodified.
@@ -41,7 +55,7 @@ Index: Python-3.13.9/Doc/c-api/arg.rst
Index: Python-3.13.9/Doc/c-api/typeobj.rst
===================================================================
--- Python-3.13.9.orig/Doc/c-api/typeobj.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/c-api/typeobj.rst 2025-11-04 17:41:42.877033887 +0100
+++ Python-3.13.9/Doc/c-api/typeobj.rst 2025-11-15 22:55:47.006633833 +0100
@@ -610,7 +610,7 @@
Functions like :c:func:`PyObject_NewVar` will take the value of N as an
argument, and store in the instance's :c:member:`~PyVarObject.ob_size` field.
@@ -74,8 +88,8 @@ Index: Python-3.13.9/Doc/c-api/typeobj.rst
usually defined by the macro :c:macro:`PyObject_HEAD` or
Index: Python-3.13.9/Doc/conf.py
===================================================================
--- Python-3.13.9.orig/Doc/conf.py 2025-11-04 17:39:03.414159687 +0100
+++ Python-3.13.9/Doc/conf.py 2025-11-04 17:41:42.877735198 +0100
--- Python-3.13.9.orig/Doc/conf.py 2025-11-15 22:55:39.285896375 +0100
+++ Python-3.13.9/Doc/conf.py 2025-11-15 22:55:47.007347829 +0100
@@ -11,6 +11,8 @@
from importlib import import_module
from importlib.util import find_spec
@@ -150,7 +164,7 @@ Index: Python-3.13.9/Doc/conf.py
Index: Python-3.13.9/Doc/library/doctest.rst
===================================================================
--- Python-3.13.9.orig/Doc/library/doctest.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/library/doctest.rst 2025-11-04 17:41:42.878188221 +0100
+++ Python-3.13.9/Doc/library/doctest.rst 2025-11-15 22:55:47.008004484 +0100
@@ -310,7 +310,6 @@
.. currentmodule:: None
@@ -162,7 +176,7 @@ Index: Python-3.13.9/Doc/library/doctest.rst
Index: Python-3.13.9/Doc/library/email.compat32-message.rst
===================================================================
--- Python-3.13.9.orig/Doc/library/email.compat32-message.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/library/email.compat32-message.rst 2025-11-04 17:41:42.878726754 +0100
+++ Python-3.13.9/Doc/library/email.compat32-message.rst 2025-11-15 22:55:47.008617977 +0100
@@ -7,7 +7,6 @@
:synopsis: The base class representing email messages in a fashion
backward compatible with Python 3.2
@@ -174,7 +188,7 @@ Index: Python-3.13.9/Doc/library/email.compat32-message.rst
Index: Python-3.13.9/Doc/library/xml.etree.elementtree.rst
===================================================================
--- Python-3.13.9.orig/Doc/library/xml.etree.elementtree.rst 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/library/xml.etree.elementtree.rst 2025-11-04 17:41:42.879107050 +0100
+++ Python-3.13.9/Doc/library/xml.etree.elementtree.rst 2025-11-15 22:55:47.009206956 +0100
@@ -873,7 +873,6 @@
.. module:: xml.etree.ElementTree
@@ -186,7 +200,7 @@ Index: Python-3.13.9/Doc/library/xml.etree.elementtree.rst
Index: Python-3.13.9/Doc/tools/check-warnings.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/check-warnings.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/check-warnings.py 2025-11-04 17:41:42.879425179 +0100
+++ Python-3.13.9/Doc/tools/check-warnings.py 2025-11-15 22:55:47.009862424 +0100
@@ -228,7 +228,8 @@
print(filename)
for warning in warnings:
@@ -209,7 +223,7 @@ Index: Python-3.13.9/Doc/tools/check-warnings.py
Index: Python-3.13.9/Doc/tools/extensions/audit_events.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/audit_events.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/audit_events.py 2025-11-04 17:41:42.879679368 +0100
+++ Python-3.13.9/Doc/tools/extensions/audit_events.py 2025-11-15 22:56:01.019878076 +0100
@@ -1,9 +1,6 @@
"""Support for documenting audit events."""
@@ -348,7 +362,7 @@ Index: Python-3.13.9/Doc/tools/extensions/audit_events.py
Index: Python-3.13.9/Doc/tools/extensions/availability.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/availability.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/availability.py 2025-11-04 17:41:42.879900324 +0100
+++ Python-3.13.9/Doc/tools/extensions/availability.py 2025-11-15 22:55:47.010894411 +0100
@@ -1,8 +1,6 @@
"""Support for documenting platform availability"""
@@ -405,7 +419,7 @@ Index: Python-3.13.9/Doc/tools/extensions/availability.py
Index: Python-3.13.9/Doc/tools/extensions/c_annotations.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/c_annotations.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/c_annotations.py 2025-11-04 17:41:42.880074051 +0100
+++ Python-3.13.9/Doc/tools/extensions/c_annotations.py 2025-11-15 22:55:47.011416690 +0100
@@ -9,22 +9,26 @@
* Set ``stable_abi_file`` to the path to stable ABI list.
"""
@@ -546,7 +560,7 @@ Index: Python-3.13.9/Doc/tools/extensions/c_annotations.py
Index: Python-3.13.9/Doc/tools/extensions/changes.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/changes.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/changes.py 2025-11-04 17:41:42.880259370 +0100
+++ Python-3.13.9/Doc/tools/extensions/changes.py 2025-11-15 22:55:47.011919693 +0100
@@ -1,7 +1,5 @@
"""Support for documenting version of changes, additions, deprecations."""
@@ -585,7 +599,7 @@ Index: Python-3.13.9/Doc/tools/extensions/changes.py
Index: Python-3.13.9/Doc/tools/extensions/glossary_search.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/glossary_search.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/glossary_search.py 2025-11-04 17:41:42.880446332 +0100
+++ Python-3.13.9/Doc/tools/extensions/glossary_search.py 2025-11-15 22:55:47.012151010 +0100
@@ -1,21 +1,27 @@
"""Feature search results for glossary items prominently."""
@@ -632,7 +646,7 @@ Index: Python-3.13.9/Doc/tools/extensions/glossary_search.py
Index: Python-3.13.9/Doc/tools/extensions/implementation_detail.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/implementation_detail.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/implementation_detail.py 2025-11-04 17:41:42.880613957 +0100
+++ Python-3.13.9/Doc/tools/extensions/implementation_detail.py 2025-11-15 22:55:47.012356764 +0100
@@ -1,17 +1,10 @@
"""Support for marking up implementation details."""
@@ -686,7 +700,7 @@ Index: Python-3.13.9/Doc/tools/extensions/implementation_detail.py
Index: Python-3.13.9/Doc/tools/extensions/issue_role.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/issue_role.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/issue_role.py 2025-11-04 17:41:42.880769320 +0100
+++ Python-3.13.9/Doc/tools/extensions/issue_role.py 2025-11-15 22:55:47.012694591 +0100
@@ -1,22 +1,18 @@
"""Support for referencing issues in the tracker."""
@@ -735,7 +749,7 @@ Index: Python-3.13.9/Doc/tools/extensions/issue_role.py
Index: Python-3.13.9/Doc/tools/extensions/misc_news.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/misc_news.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/misc_news.py 2025-11-04 17:41:42.880942406 +0100
+++ Python-3.13.9/Doc/tools/extensions/misc_news.py 2025-11-15 22:55:47.013146888 +0100
@@ -1,7 +1,5 @@
"""Support for including Misc/NEWS."""
@@ -791,7 +805,7 @@ Index: Python-3.13.9/Doc/tools/extensions/misc_news.py
Index: Python-3.13.9/Doc/tools/extensions/patchlevel.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/patchlevel.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/patchlevel.py 2025-11-04 17:41:42.881098319 +0100
+++ Python-3.13.9/Doc/tools/extensions/patchlevel.py 2025-11-15 22:55:47.013664697 +0100
@@ -3,7 +3,7 @@
import re
import sys
@@ -832,7 +846,7 @@ Index: Python-3.13.9/Doc/tools/extensions/patchlevel.py
Index: Python-3.13.9/Doc/tools/extensions/pydoc_topics.py
===================================================================
--- Python-3.13.9.orig/Doc/tools/extensions/pydoc_topics.py 2025-10-14 15:52:31.000000000 +0200
+++ Python-3.13.9/Doc/tools/extensions/pydoc_topics.py 2025-11-04 17:41:42.881251888 +0100
+++ Python-3.13.9/Doc/tools/extensions/pydoc_topics.py 2025-11-15 22:55:47.014041565 +0100
@@ -1,21 +1,23 @@
"""Support for building "topic help" for pydoc."""

7
python313.changes
View File

@@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Nov 13 17:13:03 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
- Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
-------------------------------------------------------------------
Tue Nov 4 16:44:05 UTC 2025 - Matej Cepl <mcepl@cepl.eu>

6
python313.spec
View File

@@ -238,6 +238,9 @@ Patch45: gh139257-Support-docutils-0.22.patch
# PATCH-FIX-UPSTREAM CVE-2025-8291-consistency-zip64.patch bsc#1251305 mcepl@suse.com
# Check consistency of the zip64 end of central directory record
Patch46: CVE-2025-8291-consistency-zip64.patch
# PATCH-FIX-UPSTREAM CVE-2025-6075-expandvars-perf-degrad.patch bsc#1252974 mcepl@suse.com
# Avoid potential quadratic complexity vulnerabilities in path modules
Patch47: CVE-2025-6075-expandvars-perf-degrad.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: fdupes
@@ -557,9 +560,6 @@ rm Lib/site-packages/README.txt
# Add vendored bluez-devel files
tar xvf %{SOURCE21}
# Don't fail on warnings when building documentation
sed -i -e '/^SPHINXERRORHANDLING/s/--fail-on-warning//' Doc/Makefile
%build
export SUSE_VERSION="0%{?suse_version}"
export SLE_VERSION="0%{?sle_version}"