dgit.raspbian.org Git - python3.9.git/commit

author	Stan Ulbrych <stan@python.org>
	Mon, 13 Apr 2026 21:42:36 +0000 (22:42 +0100)
committer	Arnaud Rebillout <arnaudr@debian.org>
	Thu, 14 May 2026 03:00:00 +0000 (10:00 +0700)
commit	6561de9de1ff5d1dcfcd44acb308a8d0b64bc413
tree	deaca92cc9aab729d2588a0f1b14e495027776c6	tree \| snapshot
parent	a6068747a68ddddc0556f7f804c3cb0c5180bced	commit \| diff

[PATCH] [3.10] gh-148395: Fix a possible UAF in `{LZMA,BZ2}Decompressor` (GH-148396) (#148505)

Fix dangling input pointer after `MemoryError` in _lzma/_bz2/_ZlibDecompressor.decompress

(cherry picked from commit 8fc66aef6d7b3ae58f43f5c66f9366cc8cbbfcd2)

Origin: upstream, https://github.com/python/cpython/commit/47128e64f98c3a20271138a98c2922bea2a3ee0e

Gbp-Pq: Name CVE-2026-6100.patch

Misc/NEWS.d/next/Security/2026-04-10-16-28-21.gh-issue-148395.kfzm0G.rst	[new file with mode: 0644]	blob
Modules/_bz2module.c		diff \| blob \| history
Modules/_lzmamodule.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom