summaryrefslogtreecommitdiff
path: root/bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
diff options
context:
space:
mode:
Diffstat (limited to 'bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch')
-rw-r--r--bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch50
1 files changed, 50 insertions, 0 deletions
diff --git a/bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch b/bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
new file mode 100644
index 0000000..9706cec
--- /dev/null
+++ b/bz2217902-2-aws-awscli-azure-fix-bundled-dateutil-CVE-2007-4559.patch
@@ -0,0 +1,50 @@
+--- a/aws/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100
++++ b/aws/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200
+@@ -21,7 +21,12 @@
+ try:
+ with TarFile.open(filename) as tf:
+ for name in zonegroups:
+- tf.extract(name, tmpdir)
++ if hasattr(tarfile, 'data_filter'):
++ # Python with CVE-2007-4559 mitigation (PEP 706)
++ tf.extract(name, tmpdir, filter='data')
++ else:
++ # Fallback to a possibly dangerous extraction (before PEP 706)
++ tf.extract(name, tmpdir)
+ filepaths = [os.path.join(tmpdir, n) for n in zonegroups]
+
+ _run_zic(zonedir, filepaths)
+
+--- a/awscli/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100
++++ b/awscli/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200
+@@ -21,7 +21,12 @@
+ try:
+ with TarFile.open(filename) as tf:
+ for name in zonegroups:
+- tf.extract(name, tmpdir)
++ if hasattr(tarfile, 'data_filter'):
++ # Python with CVE-2007-4559 mitigation (PEP 706)
++ tf.extract(name, tmpdir, filter='data')
++ else:
++ # Fallback to a possibly dangerous extraction (before PEP 706)
++ tf.extract(name, tmpdir)
+ filepaths = [os.path.join(tmpdir, n) for n in zonegroups]
+
+ _run_zic(zonedir, filepaths)
+
+--- a/azure/dateutil/zoneinfo/rebuild.py 2023-01-26 16:29:30.000000000 +0100
++++ b/azure/dateutil/zoneinfo/rebuild.py 2023-07-19 10:12:42.277559948 +0200
+@@ -21,7 +21,12 @@
+ try:
+ with TarFile.open(filename) as tf:
+ for name in zonegroups:
+- tf.extract(name, tmpdir)
++ if hasattr(tarfile, 'data_filter'):
++ # Python with CVE-2007-4559 mitigation (PEP 706)
++ tf.extract(name, tmpdir, filter='data')
++ else:
++ # Fallback to a possibly dangerous extraction (before PEP 706)
++ tf.extract(name, tmpdir)
+ filepaths = [os.path.join(tmpdir, n) for n in zonegroups]
+
+ _run_zic(zonedir, filepaths)
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-20 12:09:50 +0000