Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400, CVE-2025-13836)

Prevent reading an HTTP response from a server, if no read amount is
specified, using Content-Length by default as the length.
2025-12-18 16:07:31 +01:00
parent 39c4b2a029
commit 2544c41d2e
3 changed files with 165 additions and 0 deletions

@@ -224,6 +224,9 @@ Patch40: fix-test-recursion-limit-15.6.patch
Patch41: bsc1243155-sphinx-non-determinism.patch
# PATCH-FIX-OPENSUSE gh139257-Support-docutils-0.22.patch gh#python/cpython#139257 daniel.garcia@suse.com
Patch42: gh139257-Support-docutils-0.22.patch
# PATCH-FIX-UPSTREAM CVE-2025-13836-http-resp-cont-len.patch bsc#1254400 mcepl@suse.com
# Avoid loading possibly compromised length of HTTP response
Patch43: CVE-2025-13836-http-resp-cont-len.patch
#### Python 3.15 DEVELOPMENT PATCHES
BuildRequires: autoconf-archive
BuildRequires: automake
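
Review bot: the PATCH-FIX-UPSTREAM comment added for Patch43 cites only bsc#1254400 and gives no upstream reference, while the Patch42 entry directly above it names gh#python/cpython#139257. Please add the corresponding upstream issue or pull request to the tag line so the patch can be traced and dropped once a release carries the fix. The description line "Avoid loading possibly compromised length of HTTP response" is also harder to follow than the commit message; it would help to state there that the length in question is the server-supplied Content-Length used when read() is called without an amount. Finally, this hunk only declares Patch43; if the spec applies patches with explicit %patch lines rather than automatically, confirm the apply step is part of the change, since it is not visible here.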