Require Python with tarfile filters
Resolves: RHEL-25453
parent 4de1f9de0e
commit 91d2bf596c
@ -12,7 +12,7 @@
|
|||||||
|
|
||||||
Name: python%{python3_pkgversion}-%{srcname}
|
Name: python%{python3_pkgversion}-%{srcname}
|
||||||
Version: %{base_version}%{?prerel:~%{prerel}}
|
Version: %{base_version}%{?prerel:~%{prerel}}
|
||||||
Release: 4%{?dist}
|
Release: 5%{?dist}
|
||||||
Summary: A tool for installing and managing Python packages
|
Summary: A tool for installing and managing Python packages
|
||||||
|
|
||||||
# We bundle a lot of libraries with pip, which itself is under MIT license.
|
# We bundle a lot of libraries with pip, which itself is under MIT license.
|
||||||
@ -207,7 +207,9 @@ Recommends: python%{python3_pkgversion}-setuptools
|
|||||||
Requires(postun): alternatives >= 1.19.1-1
|
Requires(postun): alternatives >= 1.19.1-1
|
||||||
|
|
||||||
# python3.11 installs the alternatives master symlink to which we attach a slave
|
# python3.11 installs the alternatives master symlink to which we attach a slave
|
||||||
Requires: python%{python3_pkgversion}
|
# pip has to require explicit version of python that provides
|
||||||
|
# filters in tarfile module (fix for CVE-2007-4559).
|
||||||
|
Requires: python%{python3_pkgversion} >= 3.11.4-3
|
||||||
Requires(post): python%{python3_pkgversion}
|
Requires(post): python%{python3_pkgversion}
|
||||||
Requires(postun): python%{python3_pkgversion}
|
Requires(postun): python%{python3_pkgversion}
|
||||||
|
|
||||||
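Review bot: The new `Requires: python%{python3_pkgversion} >= 3.11.4-3` hardcodes a version-release literal next to a macro-driven package name, and the same literal is repeated in the `Conflicts` added to the wheel subpackage. Define the bound once (for example as a `%global` near the top of the spec) and reference it in both places so the two cannot drift on a later rebase. The comment above it should also state whether 3.11.4-3 is the first build that ships the tarfile filters, since that is the only justification for the number. Leaving `Requires(post)` and `Requires(postun)` unversioned looks fine, because the plain `Requires` already carries the constraint.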
@ -225,6 +227,8 @@ Packages" or "Pip Installs Python".
|
|||||||
%package -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
|
%package -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
|
||||||
Summary: The pip wheel
|
Summary: The pip wheel
|
||||||
Requires: ca-certificates
|
Requires: ca-certificates
|
||||||
|
# Older Python does not provide tarfile filters (fix for CVE-2007-4559).
|
||||||
|
Conflicts: python%{python3_pkgversion} < 3.11.4-3
|
||||||
|
|
||||||
# Virtual provides for the packages bundled by pip:
|
# Virtual provides for the packages bundled by pip:
|
||||||
%{bundled %{python3_pkgversion}}
|
%{bundled %{python3_pkgversion}}
|
||||||
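Review bot: The `Conflicts: python%{python3_pkgversion} < 3.11.4-3` on the wheel subpackage only constrains the python%{python3_pkgversion} interpreter, and the comment does not say why this is a `Conflicts` rather than a versioned `Requires` as in the main package. Add a line explaining the choice (presumably so the wheel stays installable without that interpreter), and confirm whether any other Python package that loads the wheel from `%{python_wheel_dir}` needs an equivalent bound, because an interpreter without the filters would not be caught by this line.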
@ -397,6 +401,10 @@ fi
|
|||||||
%{python_wheel_dir}/%{python_wheel_name}
|
%{python_wheel_dir}/%{python_wheel_name}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 14 2024 Tomáš Hrnčiar <thrnciar@redhat.com> - 22.3.1-5
|
||||||
|
- Require Python with tarfile filters
|
||||||
|
Resolves: RHEL-25453
|
||||||
|
|
||||||
* Tue Aug 08 2023 Petr Viktorin <pviktori@redhat.com> - 22.3.1-4
|
* Tue Aug 08 2023 Petr Viktorin <pviktori@redhat.com> - 22.3.1-4
|
||||||
- Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706)
|
- Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706)
|
||||||
Resolves: RHBZ#2218249
|
Resolves: RHBZ#2218249
|
||||||
|
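Review bot: The new 22.3.1-5 changelog entry says only "Require Python with tarfile filters" and omits the CVE that the spec comments in this same commit cite. Name CVE-2007-4559 here, as the 22.3.1-4 entry below it does, and mention that the wheel subpackage gained a `Conflicts`, so that someone auditing the changelog for the CVE finds both the code change and the dependency change.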