Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-12-31 04:23:37 +00:00
Code Issues Projects Releases Packages Wiki Activity
cpython/Misc/NEWS.d/next
History
Łukasz Langa 9e0ac76d96
[3.14] gh-135034: Normalize link targets in tarfile, add os.path.realpath(strict='allow_missing') (gh-135037) (gh-135065) 
Addresses CVEs 2024-12718, 2025-4138, 2025-4330, and 2025-4517.

(cherry picked from commit 3612d8f517)

Signed-off-by: Łukasz Langa <lukasz@langa.pl>
Co-authored-by: Petr Viktorin <encukou@gmail.com>
Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
2025-06-03 14:05:00 +02:00
..
Build gh-134923: Use /GENPROFILE and /USEPROFILE for Windows PGO builds (GH-134924) 2025-05-30 19:04:47 +00:00
C_API Python 3.14.0b2 2025-05-26 16:26:47 +03:00
Core_and_Builtins [3.14] gh-134908: Protect textiowrapper_iternext with critical section (gh-134910) (gh-135039) 2025-06-02 19:16:54 +00:00
Documentation Python 3.14.0b1 2025-05-06 18:33:52 +03:00
IDLE Python 3.14.0b1 2025-05-06 18:33:52 +03:00
Library [3.14] gh-132813: Improve error messages for incorrect types and values of csv.Dialog attributes (GH-133241) (GH-135050) 2025-06-02 21:01:18 +00:00
macOS Python 3.14.0a7 2025-04-08 14:20:51 +03:00
Security [3.14] gh-135034: Normalize link targets in tarfile, add os.path.realpath(strict='allow_missing') (gh-135037) (gh-135065) 2025-06-03 14:05:00 +02:00
Tests Python 3.14.0b2 2025-05-26 16:26:47 +03:00
Tools-Demos Python 3.14.0b2 2025-05-26 16:26:47 +03:00
Windows Python 3.14.0b2 2025-05-26 16:26:47 +03:00