--- a/aws/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100 +++ b/aws/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200 @@ -21,7 +21,12 @@ try: with TarFile.open(filename) as tf: for name in zonegroups: - tf.extract(name, tmpdir) + if hasattr(tarfile, 'data_filter'): + # Python with CVE-2007-4559 mitigation (PEP 706) + tf.extract(name, tmpdir, filter='data') + else: + # Fallback to a possibly dangerous extraction (before PEP 706) + tf.extract(name, tmpdir) filepaths = [os.path.join(tmpdir, n) for n in zonegroups] _run_zic(zonedir, filepaths)