fence-agents/SOURCES/bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch

51 lines
2.2 KiB
Diff

--- a/aws/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100
+++ b/aws/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200
@@ -21,7 +21,12 @@
try:
with TarFile.open(filename) as tf:
for name in zonegroups:
- tf.extract(name, tmpdir)
+ if hasattr(tarfile, 'data_filter'):
+ # Python with CVE-2007-4559 mitigation (PEP 706)
+ tf.extract(name, tmpdir, filter='data')
+ else:
+ # Fallback to a possibly dangerous extraction (before PEP 706)
+ tf.extract(name, tmpdir)
filepaths = [os.path.join(tmpdir, n) for n in zonegroups]
_run_zic(zonedir, filepaths)
--- a/awscli/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100
+++ b/awscli/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200
@@ -21,7 +21,12 @@
try:
with TarFile.open(filename) as tf:
for name in zonegroups:
- tf.extract(name, tmpdir)
+ if hasattr(tarfile, 'data_filter'):
+ # Python with CVE-2007-4559 mitigation (PEP 706)
+ tf.extract(name, tmpdir, filter='data')
+ else:
+ # Fallback to a possibly dangerous extraction (before PEP 706)
+ tf.extract(name, tmpdir)
filepaths = [os.path.join(tmpdir, n) for n in zonegroups]
_run_zic(zonedir, filepaths)
--- a/azure/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100
+++ b/azure/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200
@@ -21,7 +21,12 @@
try:
with TarFile.open(filename) as tf:
for name in zonegroups:
- tf.extract(name, tmpdir)
+ if hasattr(tarfile, 'data_filter'):
+ # Python with CVE-2007-4559 mitigation (PEP 706)
+ tf.extract(name, tmpdir, filter='data')
+ else:
+ # Fallback to a possibly dangerous extraction (before PEP 706)
+ tf.extract(name, tmpdir)
filepaths = [os.path.join(tmpdir, n) for n in zonegroups]
_run_zic(zonedir, filepaths)