python/python-GitPython
SHA256
14
0
Fork 0
forked from pool/python-GitPython
Code Pull Requests Activity

- Add CVE-2023-41040.patch to fix directory traversal attack

Browse Source 
vulnerability gh#gitpython-developers/GitPython#1644

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-GitPython?expand=0&rev=56
This commit is contained in:
Daniel Garcia
2023-09-07 06:05:27 +00:00
committed by Git OBS Bridge
parent c81700eb2a
commit 4667633ec8
3 changed files with 61 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python-GitPython.spec
View File

@@ -28,6 +28,8 @@ URL: https://github.com/gitpython-developers/GitPython
Source: GitPython-%{version}.tar.xz
Patch0: test-skips.patch
Patch1: test_blocking_lock_file-extra-time.patch
# PATCH-FIX-UPSTREAM CVE-2023-41040.patch gh#gitpython-developers/GitPython#1644
Patch2: CVE-2023-41040.patch
BuildRequires: %{python_module ddt >= 1.1.1}
BuildRequires: %{python_module gitdb >= 4.0.1}
BuildRequires: %{python_module pip}