CVE-2007-4559, PEP-706: Add filters for tarfile extraction
parent e5389fd0f4
commit a1023e197c

2713 00397-tarfile-filter.patch Normal file
File diff suppressed because it is too large
							| @ -17,7 +17,7 @@ URL: https://www.python.org/ | ||||
| #global prerel ... | ||||
| %global upstream_version %{general_version}%{?prerel} | ||||
| Version: %{general_version}%{?prerel:~%{prerel}} | ||||
| Release: 1%{?dist} | ||||
| Release: 2%{?dist} | ||||
| License: Python | ||||
| 
 | ||||
| 
 | ||||
| @ -399,6 +399,14 @@ Patch329: 00329-fips.patch | ||||
| # a nightmare because it's basically a binary file. | ||||
| Patch353: 00353-architecture-names-upstream-downstream.patch | ||||
| 
 | ||||
| # 00397 # | ||||
| # Add filters for tarfile extraction (CVE-2007-4559, PEP-706) | ||||
| # The first patch backports the upstream fix: | ||||
| # - https://github.com/python/cpython/pull/104382 | ||||
| # The second patch is Red Hat configuration, see KB for documentation: | ||||
| # - https://access.redhat.com/articles/7004769 | ||||
| Patch397: 00397-tarfile-filter.patch | ||||
| 
 | ||||
| # (New patches go here ^^^) | ||||
| # | ||||
| # When adding new patches to "python" and "python3" in Fedora, EL, etc., | ||||
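Review bot: The comment block above Patch397 refers to "the first patch" and "the second patch", but only one file, 00397-tarfile-filter.patch, is declared. If both changes live in that one file, say so in the comment (or split them into two Patch entries) so the wording matches what the spec applies. It would also help to add one line stating what the Red Hat configuration changes, so that a reader of the spec does not have to open the KB article to learn it.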
| @ -1800,6 +1808,10 @@ CheckPython optimized | ||||
| # ====================================================== | ||||
| 
 | ||||
| %changelog | ||||
| * Tue Mar 07 2023 Petr Viktorin <pviktori@redhat.com> - 3.9.16-2 | ||||
| - Add filters for tarfile extraction (CVE-2007-4559, PEP-706) | ||||
| Resolves: rhbz#263261 | ||||
| 
 | ||||
| * Thu Dec 08 2022 Charalampos Stratakis <cstratak@redhat.com> - 3.9.16-1 | ||||
| - Update to 3.9.16 | ||||
| - Security fixes for CVE-2022-42919 and CVE-2022-45061 | ||||
|  | ||||
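Review bot: The new %changelog entry for 3.9.16-2 repeats the patch title but does not mention the Red Hat configuration that the Patch397 comment in this same commit describes. The changelog is what administrators see in the package metadata, so consider adding a line that points to https://access.redhat.com/articles/7004769 next to the "Resolves:" line.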