python-interpreters/python314
SHA256
7
0
Fork 0
forked from pool/python314
Code Pull Requests Activity

- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now

Browse Source 
validates archives to ensure member offsets are non-negative
  (gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python314?expand=0&rev=89
This commit is contained in:
Matej Cepl
2025-08-01 20:11:08 +00:00
committed by Matěj Cepl
parent e49112fb09
commit 0073182b67
3 changed files with 225 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python314.spec
View File

@@ -219,6 +219,12 @@ Patch39: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
# PATCH-FIX-OPENSUSE fix-test-recursion-limit-15.6.patch gh#python/cpython#115083
# Skip some failing tests in test_compile for i586 arch in 15.6.
Patch40: fix-test-recursion-limit-15.6.patch
# PATCH-FIX-UPSTREAM bsc1243155-sphinx-non-determinism.patch bsc#1243155 mcepl@suse.com
# Doc: Generate ids for audit_events using docname
Patch41: bsc1243155-sphinx-non-determinism.patch
# PATCH-FIX-UPSTREAM CVE-2025-8194-tarfile-no-neg-offsets.patch bsc#1247249 mcepl@suse.com
# tarfile now validates archives to ensure member offsets are non-negative
Patch42: CVE-2025-8194-tarfile-no-neg-offsets.patch
#### Python 3.14 DEVELOPMENT PATCHES
BuildRequires: autoconf-archive
BuildRequires: automake