python3: Upgrade 3.12.5 -> 3.12.6

Includes security fixes for CVE-2024-7592, CVE-2024-8088, CVE-2024-6232, CVE-2023-27043 and other bug fixes. Removed below patches, as the fix is included in 3.12.6 upgrade: 1. CVE-2024-7592.patch 2. CVE-2024-8088.patch Release Notes: https://www.python.org/downloads/release/python-3126/ (From OE-Core rev: aa492b1fd5973c37b8fa2cd17d28199eba46afcc) (From OE-Core rev: 6688a8ff2e1cbf6ad8ebd1b89ec6c929caf6a161) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Peter Marko <peter.marko@siemens.com> 2024-09-17 23:34:24 +0200
committer: Steve Sakoman <steve@sakoman.com> 2024-09-25 05:07:47 -0700
commit: d7249c50ecff3272afa699000884f17cce82222d (patch)
tree: facc9b49cff71ee7b0a4ea2ed5a9d7b939176c67 /meta/recipes-devtools/python/python3
parent: b9a2619bc8dd5ae58dbaeb8e507be45fc8f97ad1 (diff)
download: poky-d7249c50ecff3272afa699000884f17cce82222d.tar.gz
3 files changed, 8 insertions, 282 deletions
diff --git a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
index 50a4609f7a..e8d297c721 100644
--- a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
@@ -16,11 +16,11 @@ Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
 Lib/test/test_readline.py | 2 ++
 1 file changed, 2 insertions(+)
-diff --git a/Lib/test/test_readline.py b/Lib/test/test_readline.py
+Index: Python-3.12.6/Lib/test/test_readline.py
-index 91fd7dd13f9..d81f9bf8eed 100644
+===================================================================
--- a/Lib/test/test_readline.py
+--- Python-3.12.6.orig/Lib/test/test_readline.py
-+++ b/Lib/test/test_readline.py
+++ Python-3.12.6/Lib/test/test_readline.py
-@@ -132,6 +132,7 @@ def test_nonascii_history(self):
+@@ -133,6 +133,7 @@ class TestHistoryManipulation (unittest.
         self.assertEqual(readline.get_history_item(1), "entrée 1")
         self.assertEqual(readline.get_history_item(2), "entrée 22")
 
@@ -28,14 +28,11 @@ index 91fd7dd13f9..d81f9bf8eed 100644
     def test_write_read_limited_history(self):
         previous_length = readline.get_history_length()
         self.addCleanup(readline.set_history_length, previous_length)
-@@ -349,6 +350,7 @@ def test_history_size(self):
+@@ -371,6 +372,7 @@ readline.write_history_file(history_file
-             self.assertEqual(len(lines), history_size)
+         self.assertIn(b"done", output)
-             self.assertEqual(lines[-1].strip(), b"last input")
+ 
 
 +    @unittest.skip("Skipping problematic test")
     def test_write_read_limited_history(self):
         previous_length = readline.get_history_length()
         self.addCleanup(readline.set_history_length, previous_length)
-- 
-2.39.2
diff --git a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
deleted file mode 100644
index 7a6d63005c..0000000000
--- a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
+++ /dev/null
@@ -1,143 +0,0 @@
-From dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1 Mon Sep 17 00:00:00 2001
-From: "Miss Islington (bot)"
- <31488909+miss-islington@users.noreply.github.com>
-Date: Sun, 25 Aug 2024 00:37:11 +0200
-Subject: [PATCH] gh-123067: Fix quadratic complexity in parsing  "-quoted
- cookie values with backslashes (GH-123075) (#123104)
-gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes (GH-123075)
-This fixes CVE-2024-7592.
-(cherry picked from commit 44e458357fca05ca0ae2658d62c8c595b048b5ef)
-Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
-CVE: CVE-2024-7592
-Upstream-Status: Backport [https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1]
-Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
---
- Lib/http/cookies.py                           | 34 ++++-------------
- Lib/test/test_http_cookies.py                 | 38 +++++++++++++++++++
- ...-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst |  1 +
- 3 files changed, 47 insertions(+), 26 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
-diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
-index 35ac2dc..2c1f021 100644
--- a/Lib/http/cookies.py
-+++ b/Lib/http/cookies.py
-@@ -184,8 +184,13 @@ def _quote(str):
-         return '"' + str.translate(_Translator) + '"'
-_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
-_QuotePatt = re.compile(r"[\\].")
-+_unquote_sub = re.compile(r'\\(?:([0-3][0-7][0-7])|(.))').sub
-+
-+def _unquote_replace(m):
-+    if m[1]:
-+        return chr(int(m[1], 8))
-+    else:
-+        return m[2]
- def _unquote(str):
-     # If there aren't any doublequotes,
-@@ -205,30 +210,7 @@ def _unquote(str):
-     #    \012 --> \n
-     #    \"   --> "
-     #
-    i = 0
-    n = len(str)
-    res = []
-    while 0 <= i < n:
-        o_match = _OctalPatt.search(str, i)
-        q_match = _QuotePatt.search(str, i)
-        if not o_match and not q_match:              # Neither matched
-            res.append(str[i:])
-            break
-        # else:
-        j = k = -1
-        if o_match:
-            j = o_match.start(0)
-        if q_match:
-            k = q_match.start(0)
-        if q_match and (not o_match or k < j):     # QuotePatt matched
-            res.append(str[i:k])
-            res.append(str[k+1])
-            i = k + 2
-        else:                                      # OctalPatt matched
-            res.append(str[i:j])
-            res.append(chr(int(str[j+1:j+4], 8)))
-            i = j + 4
-    return _nulljoin(res)
-+    return _unquote_sub(_unquote_replace, str)
- # The _getdate() routine is used to set the expiration time in the cookie's HTTP
- # header.  By default, _getdate() returns the current time in the appropriate
-diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
-index 925c869..8879902 100644
--- a/Lib/test/test_http_cookies.py
-+++ b/Lib/test/test_http_cookies.py
-@@ -5,6 +5,7 @@ import unittest
- import doctest
- from http import cookies
- import pickle
-+from test import support
- class CookieTests(unittest.TestCase):
-@@ -58,6 +59,43 @@ class CookieTests(unittest.TestCase):
-             for k, v in sorted(case['dict'].items()):
-                 self.assertEqual(C[k].value, v)
-+    def test_unquote(self):
-+        cases = [
-+            (r'a="b=\""', 'b="'),
-+            (r'a="b=\\"', 'b=\\'),
-+            (r'a="b=\="', 'b=='),
-+            (r'a="b=\n"', 'b=n'),
-+            (r'a="b=\042"', 'b="'),
-+            (r'a="b=\134"', 'b=\\'),
-+            (r'a="b=\377"', 'b=\xff'),
-+            (r'a="b=\400"', 'b=400'),
-+            (r'a="b=\42"', 'b=42'),
-+            (r'a="b=\\042"', 'b=\\042'),
-+            (r'a="b=\\134"', 'b=\\134'),
-+            (r'a="b=\\\""', 'b=\\"'),
-+            (r'a="b=\\\042"', 'b=\\"'),
-+            (r'a="b=\134\""', 'b=\\"'),
-+            (r'a="b=\134\042"', 'b=\\"'),
-+        ]
-+        for encoded, decoded in cases:
-+            with self.subTest(encoded):
-+                C = cookies.SimpleCookie()
-+                C.load(encoded)
-+                self.assertEqual(C['a'].value, decoded)
-+
-+    @support.requires_resource('cpu')
-+    def test_unquote_large(self):
-+        n = 10**6
-+        for encoded in r'\\', r'\134':
-+            with self.subTest(encoded):
-+                data = 'a="b=' + encoded*n + ';"'
-+                C = cookies.SimpleCookie()
-+                C.load(data)
-+                value = C['a'].value
-+                self.assertEqual(value[:3], 'b=\\')
-+                self.assertEqual(value[-2:], '\\;')
-+                self.assertEqual(len(value), n + 3)
-+
-     def test_load(self):
-         C = cookies.SimpleCookie()
-         C.load('Customer="WILE_E_COYOTE"; Version=1; Path=/acme')
-diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
-new file mode 100644
-index 0000000..6a23456
--- /dev/null
-+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
-@@ -0,0 +1 @@
-+Fix quadratic complexity in parsing ``"``-quoted cookie values with backslashes by :mod:`http.cookies`.
--
-2.40.0
diff --git a/meta/recipes-devtools/python/python3/CVE-2024-8088.patch b/meta/recipes-devtools/python/python3/CVE-2024-8088.patch
deleted file mode 100644
index 13836f1ccc..0000000000
--- a/meta/recipes-devtools/python/python3/CVE-2024-8088.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-From dcc5182f27c1500006a1ef78e10613bb45788dea Mon Sep 17 00:00:00 2001
-From: "Miss Islington (bot)"
- <31488909+miss-islington@users.noreply.github.com>
-Date: Mon, 12 Aug 2024 02:35:17 +0200
-Subject: [PATCH] gh-122905: Sanitize names in zipfile.Path. (GH-122906)
- (#122923)
-CVE: CVE-2024-8088
-Upstream-Status: Backport [https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea]
-Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
---
- Lib/test/test_zipfile/_path/test_path.py      | 17 +++++
- Lib/zipfile/_path/__init__.py                 | 64 ++++++++++++++++++-
- ...-08-11-14-08-04.gh-issue-122905.7tDsxA.rst |  1 +
- 3 files changed, 81 insertions(+), 1 deletion(-)
- create mode 100644 Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst
-diff --git a/Lib/test/test_zipfile/_path/test_path.py b/Lib/test/test_zipfile/_path/test_path.py
-index 06d5aab..90885db 100644
--- a/Lib/test/test_zipfile/_path/test_path.py
-+++ b/Lib/test/test_zipfile/_path/test_path.py
-@@ -577,3 +577,20 @@ class TestPath(unittest.TestCase):
-         zipfile.Path(alpharep)
-         with self.assertRaises(KeyError):
-             alpharep.getinfo('does-not-exist')
-+
-+    def test_malformed_paths(self):
-+        """
-+        Path should handle malformed paths.
-+        """
-+        data = io.BytesIO()
-+        zf = zipfile.ZipFile(data, "w")
-+        zf.writestr("/one-slash.txt", b"content")
-+        zf.writestr("//two-slash.txt", b"content")
-+        zf.writestr("../parent.txt", b"content")
-+        zf.filename = ''
-+        root = zipfile.Path(zf)
-+        assert list(map(str, root.iterdir())) == [
-+            'one-slash.txt',
-+            'two-slash.txt',
-+            'parent.txt',
-+        ]
-diff --git a/Lib/zipfile/_path/__init__.py b/Lib/zipfile/_path/__init__.py
-index 78c4135..42f9fde 100644
--- a/Lib/zipfile/_path/__init__.py
-+++ b/Lib/zipfile/_path/__init__.py
-@@ -83,7 +83,69 @@ class InitializedState:
-         super().__init__(*args, **kwargs)
-class CompleteDirs(InitializedState, zipfile.ZipFile):
-+class SanitizedNames:
-+    """
-+    ZipFile mix-in to ensure names are sanitized.
-+    """
-+
-+    def namelist(self):
-+        return list(map(self._sanitize, super().namelist()))
-+
-+    @staticmethod
-+    def _sanitize(name):
-+        r"""
-+        Ensure a relative path with posix separators and no dot names.
-+
-+        Modeled after
-+        https://github.com/python/cpython/blob/bcc1be39cb1d04ad9fc0bd1b9193d3972835a57c/Lib/zipfile/__init__.py#L1799-L1813
-+        but provides consistent cross-platform behavior.
-+
-+        >>> san = SanitizedNames._sanitize
-+        >>> san('/foo/bar')
-+        'foo/bar'
-+        >>> san('//foo.txt')
-+        'foo.txt'
-+        >>> san('foo/.././bar.txt')
-+        'foo/bar.txt'
-+        >>> san('foo../.bar.txt')
-+        'foo../.bar.txt'
-+        >>> san('\\foo\\bar.txt')
-+        'foo/bar.txt'
-+        >>> san('D:\\foo.txt')
-+        'D/foo.txt'
-+        >>> san('\\\\server\\share\\file.txt')
-+        'server/share/file.txt'
-+        >>> san('\\\\?\\GLOBALROOT\\Volume3')
-+        '?/GLOBALROOT/Volume3'
-+        >>> san('\\\\.\\PhysicalDrive1\\root')
-+        'PhysicalDrive1/root'
-+
-+        Retain any trailing slash.
-+        >>> san('abc/')
-+        'abc/'
-+
-+        Raises a ValueError if the result is empty.
-+        >>> san('../..')
-+        Traceback (most recent call last):
-+        ...
-+        ValueError: Empty filename
-+        """
-+
-+        def allowed(part):
-+            return part and part not in {'..', '.'}
-+
-+        # Remove the drive letter.
-+        # Don't use ntpath.splitdrive, because that also strips UNC paths
-+        bare = re.sub('^([A-Z]):', r'\1', name, flags=re.IGNORECASE)
-+        clean = bare.replace('\\', '/')
-+        parts = clean.split('/')
-+        joined = '/'.join(filter(allowed, parts))
-+        if not joined:
-+            raise ValueError("Empty filename")
-+        return joined + '/' * name.endswith('/')
-+
-+
-+class CompleteDirs(InitializedState, SanitizedNames, zipfile.ZipFile):
-     """
-     A ZipFile subclass that ensures that implied directories
-     are always included in the namelist.
-diff --git a/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst b/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst
-new file mode 100644
-index 0000000..1be44c9
--- /dev/null
-+++ b/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst
-@@ -0,0 +1 @@
-+:class:`zipfile.Path` objects now sanitize names from the zipfile.
--
-2.40.0
author	Peter Marko <peter.marko@siemens.com>	2024-09-17 23:34:24 +0200
committer	Steve Sakoman <steve@sakoman.com>	2024-09-25 05:07:47 -0700
commit	d7249c50ecff3272afa699000884f17cce82222d (patch)
tree	facc9b49cff71ee7b0a4ea2ed5a9d7b939176c67 /meta/recipes-devtools/python/python3
parent	b9a2619bc8dd5ae58dbaeb8e507be45fc8f97ad1 (diff)
download	poky-d7249c50ecff3272afa699000884f17cce82222d.tar.gz

diff --git a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch index 50a4609f7a..e8d297c721 100644 --- a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch +++ b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
@@ -16,11 +16,11 @@ Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
16	Lib/test/test_readline.py \| 2 ++	16	Lib/test/test_readline.py \| 2 ++
17	1 file changed, 2 insertions(+)	17	1 file changed, 2 insertions(+)
18		18
19	diff --git a/Lib/test/test_readline.py b/Lib/test/test_readline.py	19	Index: Python-3.12.6/Lib/test/test_readline.py
20	index 91fd7dd13f9..d81f9bf8eed 100644	20	===================================================================
21	--- a/Lib/test/test_readline.py	21	--- Python-3.12.6.orig/Lib/test/test_readline.py
22	+++ b/Lib/test/test_readline.py	22	+++ Python-3.12.6/Lib/test/test_readline.py
23	@@ -132,6 +132,7 @@ def test_nonascii_history(self):	23	@@ -133,6 +133,7 @@ class TestHistoryManipulation (unittest.
24	self.assertEqual(readline.get_history_item(1), "entrée 1")	24	self.assertEqual(readline.get_history_item(1), "entrée 1")
25	self.assertEqual(readline.get_history_item(2), "entrée 22")	25	self.assertEqual(readline.get_history_item(2), "entrée 22")
26		26
@@ -28,14 +28,11 @@ index 91fd7dd13f9..d81f9bf8eed 100644
28	def test_write_read_limited_history(self):	28	def test_write_read_limited_history(self):
29	previous_length = readline.get_history_length()	29	previous_length = readline.get_history_length()
30	self.addCleanup(readline.set_history_length, previous_length)	30	self.addCleanup(readline.set_history_length, previous_length)
31	@@ -349,6 +350,7 @@ def test_history_size(self):	31	@@ -371,6 +372,7 @@ readline.write_history_file(history_file
32	self.assertEqual(len(lines), history_size)	32	self.assertIn(b"done", output)
33	self.assertEqual(lines[-1].strip(), b"last input")	33
34		34
35	+ @unittest.skip("Skipping problematic test")	35	+ @unittest.skip("Skipping problematic test")
36	def test_write_read_limited_history(self):	36	def test_write_read_limited_history(self):
37	previous_length = readline.get_history_length()	37	previous_length = readline.get_history_length()
38	self.addCleanup(readline.set_history_length, previous_length)	38	self.addCleanup(readline.set_history_length, previous_length)
39	--
40	2.39.2
41


diff --git a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch deleted file mode 100644 index 7a6d63005c..0000000000 --- a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch +++ /dev/null
@@ -1,143 +0,0 @@
1	From dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1 Mon Sep 17 00:00:00 2001
2	From: "Miss Islington (bot)"
3	<31488909+miss-islington@users.noreply.github.com>
4	Date: Sun, 25 Aug 2024 00:37:11 +0200
5	Subject: [PATCH] gh-123067: Fix quadratic complexity in parsing "-quoted
6	cookie values with backslashes (GH-123075) (#123104)
7
8	gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes (GH-123075)
9
10	This fixes CVE-2024-7592.
11	(cherry picked from commit 44e458357fca05ca0ae2658d62c8c595b048b5ef)
12
13	Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
14
15	CVE: CVE-2024-7592
16
17	Upstream-Status: Backport [https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1]
18
19	Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
20	---
21	Lib/http/cookies.py \| 34 ++++-------------
22	Lib/test/test_http_cookies.py \| 38 +++++++++++++++++++
23	...-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst \| 1 +
24	3 files changed, 47 insertions(+), 26 deletions(-)
25	create mode 100644 Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
26
27	diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
28	index 35ac2dc..2c1f021 100644
29	--- a/Lib/http/cookies.py
30	+++ b/Lib/http/cookies.py
31	@@ -184,8 +184,13 @@ def _quote(str):
32	return '"' + str.translate(_Translator) + '"'
33
34
35	-_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
36	-_QuotePatt = re.compile(r"[\\].")
37	+_unquote_sub = re.compile(r'\\(?:([0-3][0-7][0-7])\|(.))').sub
38	+
39	+def _unquote_replace(m):
40	+ if m[1]:
41	+ return chr(int(m[1], 8))
42	+ else:
43	+ return m[2]
44
45	def _unquote(str):
46	# If there aren't any doublequotes,
47	@@ -205,30 +210,7 @@ def _unquote(str):
48	# \012 --> \n
49	# \" --> "
50	#
51	- i = 0
52	- n = len(str)
53	- res = []
54	- while 0 <= i < n:
55	- o_match = _OctalPatt.search(str, i)
56	- q_match = _QuotePatt.search(str, i)
57	- if not o_match and not q_match: # Neither matched
58	- res.append(str[i:])
59	- break
60	- # else:
61	- j = k = -1
62	- if o_match:
63	- j = o_match.start(0)
64	- if q_match:
65	- k = q_match.start(0)
66	- if q_match and (not o_match or k < j): # QuotePatt matched
67	- res.append(str[i:k])
68	- res.append(str[k+1])
69	- i = k + 2
70	- else: # OctalPatt matched
71	- res.append(str[i:j])
72	- res.append(chr(int(str[j+1:j+4], 8)))
73	- i = j + 4
74	- return _nulljoin(res)
75	+ return _unquote_sub(_unquote_replace, str)
76
77	# The _getdate() routine is used to set the expiration time in the cookie's HTTP
78	# header. By default, _getdate() returns the current time in the appropriate
79	diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
80	index 925c869..8879902 100644
81	--- a/Lib/test/test_http_cookies.py
82	+++ b/Lib/test/test_http_cookies.py
83	@@ -5,6 +5,7 @@ import unittest
84	import doctest
85	from http import cookies
86	import pickle
87	+from test import support
88
89
90	class CookieTests(unittest.TestCase):
91	@@ -58,6 +59,43 @@ class CookieTests(unittest.TestCase):
92	for k, v in sorted(case['dict'].items()):
93	self.assertEqual(C[k].value, v)
94
95	+ def test_unquote(self):
96	+ cases = [
97	+ (r'a="b=\""', 'b="'),
98	+ (r'a="b=\\"', 'b=\\'),
99	+ (r'a="b=\="', 'b=='),
100	+ (r'a="b=\n"', 'b=n'),
101	+ (r'a="b=\042"', 'b="'),
102	+ (r'a="b=\134"', 'b=\\'),
103	+ (r'a="b=\377"', 'b=\xff'),
104	+ (r'a="b=\400"', 'b=400'),
105	+ (r'a="b=\42"', 'b=42'),
106	+ (r'a="b=\\042"', 'b=\\042'),
107	+ (r'a="b=\\134"', 'b=\\134'),
108	+ (r'a="b=\\\""', 'b=\\"'),
109	+ (r'a="b=\\\042"', 'b=\\"'),
110	+ (r'a="b=\134\""', 'b=\\"'),
111	+ (r'a="b=\134\042"', 'b=\\"'),
112	+ ]
113	+ for encoded, decoded in cases:
114	+ with self.subTest(encoded):
115	+ C = cookies.SimpleCookie()
116	+ C.load(encoded)
117	+ self.assertEqual(C['a'].value, decoded)
118	+
119	+ @support.requires_resource('cpu')
120	+ def test_unquote_large(self):
121	+ n = 10**6
122	+ for encoded in r'\\', r'\134':
123	+ with self.subTest(encoded):
124	+ data = 'a="b=' + encoded*n + ';"'
125	+ C = cookies.SimpleCookie()
126	+ C.load(data)
127	+ value = C['a'].value
128	+ self.assertEqual(value[:3], 'b=\\')
129	+ self.assertEqual(value[-2:], '\\;')
130	+ self.assertEqual(len(value), n + 3)
131	+
132	def test_load(self):
133	C = cookies.SimpleCookie()
134	C.load('Customer="WILE_E_COYOTE"; Version=1; Path=/acme')
135	diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
136	new file mode 100644
137	index 0000000..6a23456
138	--- /dev/null
139	+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
140	@@ -0,0 +1 @@
141	+Fix quadratic complexity in parsing ``"``-quoted cookie values with backslashes by :mod:`http.cookies`.
142	--
143	2.40.0


diff --git a/meta/recipes-devtools/python/python3/CVE-2024-8088.patch b/meta/recipes-devtools/python/python3/CVE-2024-8088.patch deleted file mode 100644 index 13836f1ccc..0000000000 --- a/meta/recipes-devtools/python/python3/CVE-2024-8088.patch +++ /dev/null
@@ -1,128 +0,0 @@
1	From dcc5182f27c1500006a1ef78e10613bb45788dea Mon Sep 17 00:00:00 2001
2	From: "Miss Islington (bot)"
3	<31488909+miss-islington@users.noreply.github.com>
4	Date: Mon, 12 Aug 2024 02:35:17 +0200
5	Subject: [PATCH] gh-122905: Sanitize names in zipfile.Path. (GH-122906)
6	(#122923)
7
8	CVE: CVE-2024-8088
9
10	Upstream-Status: Backport [https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea]
11
12	Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
13	---
14	Lib/test/test_zipfile/_path/test_path.py \| 17 +++++
15	Lib/zipfile/_path/__init__.py \| 64 ++++++++++++++++++-
16	...-08-11-14-08-04.gh-issue-122905.7tDsxA.rst \| 1 +
17	3 files changed, 81 insertions(+), 1 deletion(-)
18	create mode 100644 Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst
19
20	diff --git a/Lib/test/test_zipfile/_path/test_path.py b/Lib/test/test_zipfile/_path/test_path.py
21	index 06d5aab..90885db 100644
22	--- a/Lib/test/test_zipfile/_path/test_path.py
23	+++ b/Lib/test/test_zipfile/_path/test_path.py
24	@@ -577,3 +577,20 @@ class TestPath(unittest.TestCase):
25	zipfile.Path(alpharep)
26	with self.assertRaises(KeyError):
27	alpharep.getinfo('does-not-exist')
28	+
29	+ def test_malformed_paths(self):
30	+ """
31	+ Path should handle malformed paths.
32	+ """
33	+ data = io.BytesIO()
34	+ zf = zipfile.ZipFile(data, "w")
35	+ zf.writestr("/one-slash.txt", b"content")
36	+ zf.writestr("//two-slash.txt", b"content")
37	+ zf.writestr("../parent.txt", b"content")
38	+ zf.filename = ''
39	+ root = zipfile.Path(zf)
40	+ assert list(map(str, root.iterdir())) == [
41	+ 'one-slash.txt',
42	+ 'two-slash.txt',
43	+ 'parent.txt',
44	+ ]
45	diff --git a/Lib/zipfile/_path/__init__.py b/Lib/zipfile/_path/__init__.py
46	index 78c4135..42f9fde 100644
47	--- a/Lib/zipfile/_path/__init__.py
48	+++ b/Lib/zipfile/_path/__init__.py
49	@@ -83,7 +83,69 @@ class InitializedState:
50	super().__init__(args, *kwargs)
51
52
53	-class CompleteDirs(InitializedState, zipfile.ZipFile):
54	+class SanitizedNames:
55	+ """
56	+ ZipFile mix-in to ensure names are sanitized.
57	+ """
58	+
59	+ def namelist(self):
60	+ return list(map(self._sanitize, super().namelist()))
61	+
62	+ @staticmethod
63	+ def _sanitize(name):
64	+ r"""
65	+ Ensure a relative path with posix separators and no dot names.
66	+
67	+ Modeled after
68	+ https://github.com/python/cpython/blob/bcc1be39cb1d04ad9fc0bd1b9193d3972835a57c/Lib/zipfile/__init__.py#L1799-L1813
69	+ but provides consistent cross-platform behavior.
70	+
71	+ >>> san = SanitizedNames._sanitize
72	+ >>> san('/foo/bar')
73	+ 'foo/bar'
74	+ >>> san('//foo.txt')
75	+ 'foo.txt'
76	+ >>> san('foo/.././bar.txt')
77	+ 'foo/bar.txt'
78	+ >>> san('foo../.bar.txt')
79	+ 'foo../.bar.txt'
80	+ >>> san('\\foo\\bar.txt')
81	+ 'foo/bar.txt'
82	+ >>> san('D:\\foo.txt')
83	+ 'D/foo.txt'
84	+ >>> san('\\\\server\\share\\file.txt')
85	+ 'server/share/file.txt'
86	+ >>> san('\\\\?\\GLOBALROOT\\Volume3')
87	+ '?/GLOBALROOT/Volume3'
88	+ >>> san('\\\\.\\PhysicalDrive1\\root')
89	+ 'PhysicalDrive1/root'
90	+
91	+ Retain any trailing slash.
92	+ >>> san('abc/')
93	+ 'abc/'
94	+
95	+ Raises a ValueError if the result is empty.
96	+ >>> san('../..')
97	+ Traceback (most recent call last):
98	+ ...
99	+ ValueError: Empty filename
100	+ """
101	+
102	+ def allowed(part):
103	+ return part and part not in {'..', '.'}
104	+
105	+ # Remove the drive letter.
106	+ # Don't use ntpath.splitdrive, because that also strips UNC paths
107	+ bare = re.sub('^([A-Z]):', r'\1', name, flags=re.IGNORECASE)
108	+ clean = bare.replace('\\', '/')
109	+ parts = clean.split('/')
110	+ joined = '/'.join(filter(allowed, parts))
111	+ if not joined:
112	+ raise ValueError("Empty filename")
113	+ return joined + '/' * name.endswith('/')
114	+
115	+
116	+class CompleteDirs(InitializedState, SanitizedNames, zipfile.ZipFile):
117	"""
118	A ZipFile subclass that ensures that implied directories
119	are always included in the namelist.
120	diff --git a/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst b/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst
121	new file mode 100644
122	index 0000000..1be44c9
123	--- /dev/null
124	+++ b/Misc/NEWS.d/next/Library/2024-08-11-14-08-04.gh-issue-122905.7tDsxA.rst
125	@@ -0,0 +1 @@
126	+:class:`zipfile.Path` objects now sanitize names from the zipfile.
127	--
128	2.40.0