dgit.raspbian.org Git - python3.9.git/commit

author	Stan Ulbrych <stan@python.org>
	Mon, 13 Apr 2026 21:42:36 +0000 (22:42 +0100)
committer	Arnaud Rebillout <arnaudr@debian.org>
	Tue, 14 Apr 2026 04:38:32 +0000 (11:38 +0700)
commit	91671b35f46d0dd0dd14493e8252074cc8b606ba
tree	eefdfc4f1549745960abebda927e5598e10674d4	tree \| snapshot
parent	09cea458e46b79dc00fe00f44084e207a7a994dc	commit \| diff

[PATCH] [3.11] gh-148395: Fix a possible UAF in `{LZMA,BZ2}Decompressor` (GH-148396) (#148504)

Fix dangling input pointer after `MemoryError` in _lzma/_bz2/_ZlibDecompressor.decompress

(cherry picked from commit 8fc66aef6d7b3ae58f43f5c66f9366cc8cbbfcd2)

Origin: upstream, https://github.com/python/cpython/commit/e20c6c9667c99ecaab96e1a2b3767082841ffc8b

Gbp-Pq: Name CVE-2026-6100.patch

Misc/NEWS.d/next/Security/2026-04-10-16-28-21.gh-issue-148395.kfzm0G.rst	[new file with mode: 0644]	blob
Modules/_bz2module.c		diff \| blob \| history
Modules/_lzmamodule.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom