forked from pool/python39
Matej Cepl
64818e1d6b
- Security
- gh-135034: Fixes multiple issues that allowed tarfile
extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
- Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138
(bsc#1244059), CVE-2025-4330 (bsc#1244060), and
CVE-2025-4517 (bsc#1244032).
- gh-133767: Fix use-after-free in the “unicode-escape”
decoder with a non-“strict” error handler (CVE-2025-4516,
bsc#1243273).
- gh-128840: Short-circuit the processing of long IPv6
addresses early in ipaddress to prevent excessive memory
consumption and a minor denial-of-service.
- gh-80222: Fix bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so
that it spanned more than one line, the surrounding
quotes and internal escapes would be omitted. This could
theoretically be used to spoof header lines using a
carefully constructed quoted string if the resulting
rendered email was transmitted or re-parsed.
- Library
- gh-128840: Fix parsing long IPv6 addresses with embedded
IPv4 address.
- gh-134062: ipaddress: fix collisions in __hash__() for
IPv4Network and IPv6Network objects.
- gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output
according to RFC 3596, §2.5. Patch by Bénédikt Tran.
- bpo-43633: Improve the textual representation of
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python39?expand=0&rev=233
91 lines
2.1 KiB
Diff
91 lines
2.1 KiB
Diff
---
|
|
Doc/library/tarfile.rst | 11 -----------
|
|
1 file changed, 11 deletions(-)
|
|
|
|
--- a/Doc/library/tarfile.rst
|
|
+++ b/Doc/library/tarfile.rst
|
|
@@ -504,7 +504,6 @@ be finalized; only the internally used f
|
|
Return an :class:`io.BufferedReader` object.
|
|
|
|
.. attribute:: TarFile.errorlevel
|
|
- :type: int
|
|
|
|
If *errorlevel* is ``0``, errors are ignored when using :meth:`TarFile.extract`
|
|
and :meth:`TarFile.extractall`.
|
|
@@ -683,19 +682,16 @@ A ``TarInfo`` object has the following p
|
|
|
|
|
|
.. attribute:: TarInfo.name
|
|
- :type: str
|
|
|
|
Name of the archive member.
|
|
|
|
|
|
.. attribute:: TarInfo.size
|
|
- :type: int
|
|
|
|
Size in bytes.
|
|
|
|
|
|
.. attribute:: TarInfo.mtime
|
|
- :type: int | float
|
|
|
|
Time of last modification in seconds since the :ref:`epoch <epoch>`,
|
|
as in :attr:`os.stat_result.st_mtime`.
|
|
@@ -707,7 +703,6 @@ A ``TarInfo`` object has the following p
|
|
attribute.
|
|
|
|
.. attribute:: TarInfo.mode
|
|
- :type: int
|
|
|
|
Permission bits, as for :func:`os.chmod`.
|
|
|
|
@@ -727,7 +722,6 @@ A ``TarInfo`` object has the following p
|
|
|
|
|
|
.. attribute:: TarInfo.linkname
|
|
- :type: str
|
|
|
|
Name of the target file name, which is only present in :class:`TarInfo` objects
|
|
of type :const:`LNKTYPE` and :const:`SYMTYPE`.
|
|
@@ -739,7 +733,6 @@ A ``TarInfo`` object has the following p
|
|
|
|
|
|
.. attribute:: TarInfo.uid
|
|
- :type: int
|
|
|
|
User ID of the user who originally stored this member.
|
|
|
|
@@ -750,7 +743,6 @@ A ``TarInfo`` object has the following p
|
|
attribute.
|
|
|
|
.. attribute:: TarInfo.gid
|
|
- :type: int
|
|
|
|
Group ID of the user who originally stored this member.
|
|
|
|
@@ -761,7 +753,6 @@ A ``TarInfo`` object has the following p
|
|
attribute.
|
|
|
|
.. attribute:: TarInfo.uname
|
|
- :type: str
|
|
|
|
User name.
|
|
|
|
@@ -772,7 +763,6 @@ A ``TarInfo`` object has the following p
|
|
attribute.
|
|
|
|
.. attribute:: TarInfo.gname
|
|
- :type: str
|
|
|
|
Group name.
|
|
|
|
@@ -783,7 +773,6 @@ A ``TarInfo`` object has the following p
|
|
attribute.
|
|
|
|
.. attribute:: TarInfo.pax_headers
|
|
- :type: dict
|
|
|
|
A dictionary containing key-value pairs of an associated pax extended header.
|
|
|