python-interpreters/python314
SHA256
6
0
Fork 1
forked from pool/python314
Code Pull Requests Activity

Fixing bsc#1257108 (CVE-2025-12781)

Browse Source 
Add CVE-2025-12781-b64decode-alt-chars.patch fixing bsc#1257108
  (CVE-2025-12781) combining gh#python/cpython!141061,
  gh#python/cpython!141128, and gh#python/cpython!141153. All
  `*b64decode` functions should not accept non-altchars.
This commit is contained in:
Matej Cepl
2026-02-03 18:11:12 +01:00
parent efcb67a2f8
commit 4b93749109
3 changed files with 207 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
python314.spec
View File

@@ -234,6 +234,9 @@ Patch47: CVE-2025-11468-email-hdr-fold-comment.patch
# PATCH-FIX-UPSTREAM CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch bsc#1257031 mcepl@suse.com
# Reject control characters in http cookies
Patch48: CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch
# PATCH-FIX-UPSTREAM CVE-2025-12781-b64decode-alt-chars.patch bsc#1257108 mcepl@suse.com
# Fix decoding with non-standard Base64 alphabet gh#python/cpython#125346
Patch49: CVE-2025-12781-b64decode-alt-chars.patch
#### Python 3.14 END OF PATCHES
BuildRequires: autoconf-archive
BuildRequires: automake