Package: release.debian.org Severity: normal Tags: trixie X-Debbugs-Cc: [email protected], [email protected] Control: affects -1 + src:python3.13 User: [email protected] Usertags: pu
This update fixes five low impact security issues in Python, all patches were cherrypicked from the upstream 3.13 branch. All tests triggered via debusine look good. Debdiff below. diff -Nru python3.13-3.13.5/debian/changelog python3.13-3.13.5/debian/changelog --- python3.13-3.13.5/debian/changelog 2026-05-05 23:05:52.000000000 +0200 +++ python3.13-3.13.5/debian/changelog 2026-06-08 22:58:08.000000000 +0200 @@ -1,3 +1,13 @@ +python3.13 (3.13.5-2+deb13u3) trixie; urgency=medium + + * CVE-2026-1502 + * CVE-2026-3276 + * CVE-2026-7774 + * CVE-2026-8328 + * CVE-2026-9669 + + -- Moritz Mühlenhoff <[email protected]> Mon, 08 Jun 2026 22:58:08 +0200 + python3.13 (3.13.5-2+deb13u2) trixie; urgency=medium * CVE-2026-3446 diff -Nru python3.13-3.13.5/debian/patches/CVE-2026-1502.patch python3.13-3.13.5/debian/patches/CVE-2026-1502.patch --- python3.13-3.13.5/debian/patches/CVE-2026-1502.patch 1970-01-01 01:00:00.000000000 +0100 +++ python3.13-3.13.5/debian/patches/CVE-2026-1502.patch 2026-06-08 22:55:25.000000000 +0200 @@ -0,0 +1,87 @@ +From 9e071c9b28c17f347f81b388a003d4eeb3c7a8dd Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <[email protected]> +Date: Mon, 18 May 2026 19:44:36 +0200 +Subject: [PATCH] [3.13] gh-146211: Reject CR/LF in HTTP tunnel request headers + (GH-146212) (#148343) + +--- python3.13-3.13.5.orig/Lib/http/client.py ++++ python3.13-3.13.5/Lib/http/client.py +@@ -972,13 +972,22 @@ class HTTPConnection: + return ip + + def _tunnel(self): ++ if _contains_disallowed_url_pchar_re.search(self._tunnel_host): ++ raise ValueError('Tunnel host can\'t contain control characters %r' ++ % (self._tunnel_host,)) + connect = b"CONNECT %s:%d %s\r\n" % ( + self._wrap_ipv6(self._tunnel_host.encode("idna")), + self._tunnel_port, + self._http_vsn_str.encode("ascii")) + headers = [connect] + for header, value in self._tunnel_headers.items(): +- headers.append(f"{header}: {value}\r\n".encode("latin-1")) ++ header_bytes = header.encode("latin-1") ++ value_bytes = value.encode("latin-1") ++ if not _is_legal_header_name(header_bytes): ++ raise ValueError('Invalid header name %r' % (header_bytes,)) ++ if _is_illegal_header_value(value_bytes): ++ raise ValueError('Invalid header value %r' % (value_bytes,)) ++ headers.append(b"%s: %s\r\n" % (header_bytes, value_bytes)) + headers.append(b"\r\n") + # Making a single send() call instead of one per line encourages + # the host OS to use a more optimal packet size instead of +--- python3.13-3.13.5.orig/Lib/test/test_httplib.py ++++ python3.13-3.13.5/Lib/test/test_httplib.py +@@ -370,6 +370,51 @@ class HeaderTests(TestCase, ExtraAsserti + with self.assertRaisesRegex(ValueError, 'Invalid header'): + conn.putheader(name, value) + ++ def test_invalid_tunnel_headers(self): ++ cases = ( ++ ('Invalid\r\nName', 'ValidValue'), ++ ('Invalid\rName', 'ValidValue'), ++ ('Invalid\nName', 'ValidValue'), ++ ('\r\nInvalidName', 'ValidValue'), ++ ('\rInvalidName', 'ValidValue'), ++ ('\nInvalidName', 'ValidValue'), ++ (' InvalidName', 'ValidValue'), ++ ('\tInvalidName', 'ValidValue'), ++ ('Invalid:Name', 'ValidValue'), ++ (':InvalidName', 'ValidValue'), ++ ('ValidName', 'Invalid\r\nValue'), ++ ('ValidName', 'Invalid\rValue'), ++ ('ValidName', 'Invalid\nValue'), ++ ('ValidName', 'InvalidValue\r\n'), ++ ('ValidName', 'InvalidValue\r'), ++ ('ValidName', 'InvalidValue\n'), ++ ) ++ for name, value in cases: ++ with self.subTest((name, value)): ++ conn = client.HTTPConnection('example.com') ++ conn.set_tunnel('tunnel', headers={ ++ name: value ++ }) ++ conn.sock = FakeSocket('') ++ with self.assertRaisesRegex(ValueError, 'Invalid header'): ++ conn._tunnel() # Called in .connect() ++ ++ def test_invalid_tunnel_host(self): ++ cases = ( ++ 'invalid\r.host', ++ '\ninvalid.host', ++ 'invalid.host\r\n', ++ 'invalid.host\x00', ++ 'invalid host', ++ ) ++ for tunnel_host in cases: ++ with self.subTest(tunnel_host): ++ conn = client.HTTPConnection('example.com') ++ conn.set_tunnel(tunnel_host) ++ conn.sock = FakeSocket('') ++ with self.assertRaisesRegex(ValueError, 'Tunnel host can\'t contain control characters'): ++ conn._tunnel() # Called in .connect() ++ + def test_headers_debuglevel(self): + body = ( + b'HTTP/1.1 200 OK\r\n' diff -Nru python3.13-3.13.5/debian/patches/CVE-2026-3276.patch python3.13-3.13.5/debian/patches/CVE-2026-3276.patch --- python3.13-3.13.5/debian/patches/CVE-2026-3276.patch 1970-01-01 01:00:00.000000000 +0100 +++ python3.13-3.13.5/debian/patches/CVE-2026-3276.patch 2026-06-08 22:56:22.000000000 +0200 @@ -0,0 +1,231 @@ +From ba785b88add96acbf403d65cb157fb2743a33a32 Mon Sep 17 00:00:00 2001 +From: Petr Viktorin <[email protected]> +Date: Tue, 2 Jun 2026 18:12:42 +0200 +Subject: [PATCH] [3.13] gh-149079: Fix O(n^2) canonical ordering in + unicodedata.normalize() (GH-149080) (#150780) + +--- python3.13-3.13.5.orig/Lib/test/test_unicodedata.py ++++ python3.13-3.13.5/Lib/test/test_unicodedata.py +@@ -229,6 +229,34 @@ class UnicodeFunctionsTest(UnicodeDataba + b = 'C\u0338' * 20 + '\xC7' + self.assertEqual(self.db.normalize('NFC', a), b) + ++ def test_long_combining_mark_run(self): ++ # gh-149079: avoid quadratic canonical ordering. ++ payload = "a" + ("\u0300\u0327" * 32) ++ nfd = "a" + ("\u0327" * 32) + ("\u0300" * 32) ++ nfc = "\u00e0" + ("\u0327" * 32) + ("\u0300" * 31) ++ ++ self.assertEqual(self.db.normalize("NFD", payload), nfd) ++ self.assertEqual(self.db.normalize("NFKD", payload), nfd) ++ self.assertEqual(self.db.normalize("NFC", payload), nfc) ++ self.assertEqual(self.db.normalize("NFKC", payload), nfc) ++ ++ def test_combining_mark_run_fast_paths(self): ++ # gh-149079: cover short runs and already-sorted long runs. ++ short_payload = "a" + ("\u0300\u0327" * 9) + "\u0300" ++ short_nfd = "a" + ("\u0327" * 9) + ("\u0300" * 10) ++ short_nfc = "\u00e0" + ("\u0327" * 9) + ("\u0300" * 9) ++ long_sorted = "a" + ("\u0327" * 30) + ("\u0300" * 30) ++ long_sorted_nfc = "\u00e0" + ("\u0327" * 30) + ("\u0300" * 29) ++ ++ self.assertEqual(self.db.normalize("NFD", short_payload), short_nfd) ++ self.assertEqual(self.db.normalize("NFKD", short_payload), short_nfd) ++ self.assertEqual(self.db.normalize("NFC", short_payload), short_nfc) ++ self.assertEqual(self.db.normalize("NFKC", short_payload), short_nfc) ++ self.assertEqual(self.db.normalize("NFD", long_sorted), long_sorted) ++ self.assertEqual(self.db.normalize("NFKD", long_sorted), long_sorted) ++ self.assertEqual(self.db.normalize("NFC", long_sorted), long_sorted_nfc) ++ self.assertEqual(self.db.normalize("NFKC", long_sorted), long_sorted_nfc) ++ + def test_issue29456(self): + # Fix #29456 + u1176_str_a = '\u1100\u1176\u11a8' +--- python3.13-3.13.5.orig/Modules/unicodedata.c ++++ python3.13-3.13.5/Modules/unicodedata.c +@@ -488,19 +488,80 @@ get_decomp_record(PyObject *self, Py_UCS + #define NCount (VCount*TCount) + #define SCount (LCount*NCount) + ++/* Small combining runs are usually cheaper with insertion sort. */ ++#define CANONICAL_ORDERING_COUNTING_SORT_THRESHOLD 20 ++ ++static void ++canonical_ordering_sort_insertion(int kind, void *data, ++ Py_ssize_t start, Py_ssize_t end) ++{ ++ for (Py_ssize_t i = start + 1; i < end; i++) { ++ Py_UCS4 code = PyUnicode_READ(kind, data, i); ++ unsigned char combining = _getrecord_ex(code)->combining; ++ Py_ssize_t j = i; ++ ++ while (j > start) { ++ Py_UCS4 previous = PyUnicode_READ(kind, data, j - 1); ++ if (_getrecord_ex(previous)->combining <= combining) { ++ break; ++ } ++ PyUnicode_WRITE(kind, data, j, previous); ++ j--; ++ } ++ if (j != i) { ++ PyUnicode_WRITE(kind, data, j, code); ++ } ++ } ++} ++ ++static void ++canonical_ordering_sort_counting(int kind, void *data, ++ Py_ssize_t start, Py_ssize_t end, ++ Py_UCS4 *sortbuf) ++{ ++ Py_ssize_t counts[256] = {0}; ++ Py_ssize_t run_length = end - start; ++ Py_ssize_t total = 0; ++ ++ for (Py_ssize_t i = start; i < end; i++) { ++ Py_UCS4 code = PyUnicode_READ(kind, data, i); ++ unsigned char combining = _getrecord_ex(code)->combining; ++ counts[combining]++; ++ } ++ ++ for (size_t i = 0; i < Py_ARRAY_LENGTH(counts); i++) { ++ Py_ssize_t count = counts[i]; ++ counts[i] = total; ++ total += count; ++ } ++ ++ /* Reuse counts[] as the next output slot for each CCC. */ ++ for (Py_ssize_t i = start; i < end; i++) { ++ Py_UCS4 code = PyUnicode_READ(kind, data, i); ++ unsigned char combining = _getrecord_ex(code)->combining; ++ sortbuf[counts[combining]++] = code; ++ } ++ for (Py_ssize_t i = 0; i < run_length; i++) { ++ PyUnicode_WRITE(kind, data, start + i, sortbuf[i]); ++ } ++} ++ + static PyObject* + nfd_nfkd(PyObject *self, PyObject *input, int k) + { + PyObject *result; + Py_UCS4 *output; + Py_ssize_t i, o, osize; +- int kind; +- const void *data; ++ int input_kind, result_kind; ++ const void *input_data; ++ void *result_data; + /* Longest decomposition in Unicode 3.2: U+FDFA */ + Py_UCS4 stack[20]; + Py_ssize_t space, isize; + int index, prefix, count, stackptr; + unsigned char prev, cur; ++ Py_UCS4 *sortbuf = NULL; ++ Py_ssize_t sortbuflen = 0; + + stackptr = 0; + isize = PyUnicode_GET_LENGTH(input); +@@ -520,11 +581,11 @@ nfd_nfkd(PyObject *self, PyObject *input + return NULL; + } + i = o = 0; +- kind = PyUnicode_KIND(input); +- data = PyUnicode_DATA(input); ++ input_kind = PyUnicode_KIND(input); ++ input_data = PyUnicode_DATA(input); + + while (i < isize) { +- stack[stackptr++] = PyUnicode_READ(kind, data, i++); ++ stack[stackptr++] = PyUnicode_READ(input_kind, input_data, i++); + while(stackptr) { + Py_UCS4 code = stack[--stackptr]; + /* Hangul Decomposition adds three characters in +@@ -589,35 +650,66 @@ nfd_nfkd(PyObject *self, PyObject *input + PyMem_Free(output); + if (!result) + return NULL; ++ + /* result is guaranteed to be ready, as it is compact. */ +- kind = PyUnicode_KIND(result); +- data = PyUnicode_DATA(result); ++ result_kind = PyUnicode_KIND(result); ++ result_data = PyUnicode_DATA(result); + +- /* Sort canonically. */ ++ /* Sort each consecutive combining-character run canonically. */ + i = 0; +- prev = _getrecord_ex(PyUnicode_READ(kind, data, i))->combining; +- for (i++; i < PyUnicode_GET_LENGTH(result); i++) { +- cur = _getrecord_ex(PyUnicode_READ(kind, data, i))->combining; +- if (prev == 0 || cur == 0 || prev <= cur) { +- prev = cur; ++ while (i < o) { ++ Py_ssize_t run_length, run_start; ++ int needs_sort = 0; ++ ++ Py_UCS4 ch = PyUnicode_READ(result_kind, result_data, i); ++ prev = _getrecord_ex(ch)->combining; ++ if (prev == 0) { ++ i++; + continue; + } +- /* Non-canonical order. Need to switch *i with previous. */ +- o = i - 1; +- while (1) { +- Py_UCS4 tmp = PyUnicode_READ(kind, data, o+1); +- PyUnicode_WRITE(kind, data, o+1, +- PyUnicode_READ(kind, data, o)); +- PyUnicode_WRITE(kind, data, o, tmp); +- o--; +- if (o < 0) +- break; +- prev = _getrecord_ex(PyUnicode_READ(kind, data, o))->combining; +- if (prev == 0 || prev <= cur) ++ ++ run_start = i++; ++ while (i < o) { ++ Py_UCS4 ch = PyUnicode_READ(result_kind, result_data, i); ++ cur = _getrecord_ex(ch)->combining; ++ if (cur == 0) { + break; ++ } ++ if (prev > cur) { ++ needs_sort = 1; ++ } ++ prev = cur; ++ i++; + } +- prev = _getrecord_ex(PyUnicode_READ(kind, data, i))->combining; ++ if (!needs_sort) { ++ continue; ++ } ++ ++ run_length = i - run_start; ++ if (run_length < CANONICAL_ORDERING_COUNTING_SORT_THRESHOLD) { ++ canonical_ordering_sort_insertion(result_kind, result_data, ++ run_start, i); ++ continue; ++ } ++ ++ if (run_length > sortbuflen) { ++ Py_UCS4 *new_sortbuf = PyMem_Resize(sortbuf, ++ Py_UCS4, ++ run_length); ++ if (new_sortbuf == NULL) { ++ PyErr_NoMemory(); ++ PyMem_Free(sortbuf); ++ Py_DECREF(result); ++ return NULL; ++ } ++ sortbuf = new_sortbuf; ++ sortbuflen = run_length; ++ } ++ ++ canonical_ordering_sort_counting(result_kind, result_data, ++ run_start, i, sortbuf); + } ++ PyMem_Free(sortbuf); + return result; + } + diff -Nru python3.13-3.13.5/debian/patches/CVE-2026-7774.patch python3.13-3.13.5/debian/patches/CVE-2026-7774.patch --- python3.13-3.13.5/debian/patches/CVE-2026-7774.patch 1970-01-01 01:00:00.000000000 +0100 +++ python3.13-3.13.5/debian/patches/CVE-2026-7774.patch 2026-06-08 22:57:15.000000000 +0200 @@ -0,0 +1,225 @@ +From 0478bd83d82b255e0f29f613367a59d261e7eaa2 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <[email protected]> +Date: Mon, 11 May 2026 11:58:26 +0200 +Subject: [PATCH] [3.13] gh-149486: tarfile.data_filter: validate written link + target (GH-149487) (GH-149555) + +--- python3.13-3.13.5.orig/Lib/tarfile.py ++++ python3.13-3.13.5/Lib/tarfile.py +@@ -819,16 +819,22 @@ def _get_filtered_attrs(member, dest_pat + if member.islnk() or member.issym(): + if os.path.isabs(member.linkname): + raise AbsoluteLinkError(member) ++ # A link member that resolves to the destination directory itself ++ # would replace it with a (sym)link, redirecting the destination ++ # for all subsequent members. ++ if target_path == dest_path: ++ raise OutsideDestinationError(member, target_path) + normalized = os.path.normpath(member.linkname) + if normalized != member.linkname: + new_attrs['linkname'] = normalized + if member.issym(): +- target_path = os.path.join(dest_path, +- os.path.dirname(name), +- member.linkname) ++ # The symlink is created at `name` with trailing separators ++ # stripped, so its target is relative to the directory ++ # containing that path. ++ link_dir = os.path.dirname(name.rstrip('/' + os.sep)) ++ target_path = os.path.join(dest_path, link_dir, normalized) + else: +- target_path = os.path.join(dest_path, +- member.linkname) ++ target_path = os.path.join(dest_path, normalized) + target_path = os.path.realpath(target_path, + strict=os.path.ALLOW_MISSING) + if os.path.commonpath([target_path, dest_path]) != dest_path: +--- python3.13-3.13.5.orig/Lib/test/test_tarfile.py ++++ python3.13-3.13.5/Lib/test/test_tarfile.py +@@ -3588,6 +3588,39 @@ class TestExtractionFilters(unittest.Tes + # The destination for the extraction, within `outerdir` + destdir = outerdir / 'dest' + ++ @classmethod ++ def setUpClass(cls): ++ # Posix and Windows have different pathname resolution: ++ # either symlink or a '..' component resolve first. ++ # Let's see which we are on. ++ if os_helper.can_symlink(): ++ testpath = os.path.join(TEMPDIR, 'resolution_test') ++ os.mkdir(testpath) ++ ++ # testpath/current links to `.` which is all of: ++ # - `testpath` ++ # - `testpath/current` ++ # - `testpath/current/current` ++ # - etc. ++ os.symlink('.', os.path.join(testpath, 'current')) ++ ++ # we'll test where `testpath/current/../file` ends up ++ with open(os.path.join(testpath, 'current', '..', 'file'), 'w'): ++ pass ++ ++ if os.path.exists(os.path.join(testpath, 'file')): ++ # Windows collapses 'current\..' to '.' first, leaving ++ # 'testpath\file' ++ cls.dotdot_resolves_early = True ++ elif os.path.exists(os.path.join(testpath, '..', 'file')): ++ # Posix resolves 'current' to '.' first, leaving ++ # 'testpath/../file' ++ cls.dotdot_resolves_early = False ++ else: ++ raise AssertionError('Could not determine link resolution') ++ else: ++ cls.dotdot_resolves_early = False ++ + @contextmanager + def check_context(self, tar, filter, *, check_flag=True): + """Extracts `tar` to `self.destdir` and allows checking the result +@@ -3759,10 +3792,19 @@ class TestExtractionFilters(unittest.Tes + + "which is outside the destination") + + with self.check_context(arc.open(), 'data'): +- self.expect_exception( +- tarfile.LinkOutsideDestinationError, +- """'parent' would link to ['"].*outerdir['"], """ +- + "which is outside the destination") ++ if self.dotdot_resolves_early: ++ # 'current/../..' normalises to '..', which is rejected. ++ self.expect_exception( ++ tarfile.LinkOutsideDestinationError, ++ """'parent' would link to ['"].*outerdir['"], """ ++ + "which is outside the destination") ++ else: ++ # 'current/..' normalises to '.'; the rewritten link is ++ # created and 'parent/evil' lands harmlessly inside the ++ # destination. ++ self.expect_file('current', symlink_to='.') ++ self.expect_file('parent', symlink_to='.') ++ self.expect_file('evil') + + else: + # No symlink support. The symlinks are ignored. +@@ -3852,35 +3894,6 @@ class TestExtractionFilters(unittest.Tes + # Test interplaying symlinks + # Inspired by 'dirsymlink2b' in jwilk/traversal-archives + +- # Posix and Windows have different pathname resolution: +- # either symlink or a '..' component resolve first. +- # Let's see which we are on. +- if os_helper.can_symlink(): +- testpath = os.path.join(TEMPDIR, 'resolution_test') +- os.mkdir(testpath) +- +- # testpath/current links to `.` which is all of: +- # - `testpath` +- # - `testpath/current` +- # - `testpath/current/current` +- # - etc. +- os.symlink('.', os.path.join(testpath, 'current')) +- +- # we'll test where `testpath/current/../file` ends up +- with open(os.path.join(testpath, 'current', '..', 'file'), 'w'): +- pass +- +- if os.path.exists(os.path.join(testpath, 'file')): +- # Windows collapses 'current\..' to '.' first, leaving +- # 'testpath\file' +- dotdot_resolves_early = True +- elif os.path.exists(os.path.join(testpath, '..', 'file')): +- # Posix resolves 'current' to '.' first, leaving +- # 'testpath/../file' +- dotdot_resolves_early = False +- else: +- raise AssertionError('Could not determine link resolution') +- + with ArchiveMaker() as arc: + + # `current` links to `.` which is both the destination directory +@@ -3916,7 +3929,7 @@ class TestExtractionFilters(unittest.Tes + + with self.check_context(arc.open(), 'data'): + if os_helper.can_symlink(): +- if dotdot_resolves_early: ++ if self.dotdot_resolves_early: + # Fail when extracting a file outside destination + self.expect_exception( + tarfile.OutsideDestinationError, +@@ -4037,6 +4050,76 @@ class TestExtractionFilters(unittest.Tes + + "destination") + + @symlink_test ++ @os_helper.skip_unless_symlink ++ def test_normpath_realpath_mismatch(self): ++ # The link-target check must validate the value that will actually ++ # be written to disk (the normalised linkname), not the original. ++ # Here 'a' is a symlink to a deep nonexistent path, so realpath() ++ # of 'a/../../...' stays inside the destination while normpath() ++ # collapses 'a/..' lexically and escapes. ++ depth = len(self.destdir.parts) + 5 ++ deep = '/'.join(f'p{i}' for i in range(depth)) ++ sneaky = 'a/' + '../' * depth + 'flag' ++ for kind in 'symlink_to', 'hardlink_to': ++ with self.subTest(kind): ++ with ArchiveMaker() as arc: ++ arc.add('a', symlink_to=deep) ++ arc.add('escape', **{kind: sneaky}) ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception( ++ tarfile.LinkOutsideDestinationError) ++ ++ @symlink_test ++ @os_helper.skip_unless_symlink ++ def test_symlink_trailing_slash(self): ++ # A trailing slash on a symlink member's name must not cause the ++ # link target to be resolved relative to the wrong directory. ++ with ArchiveMaker() as arc: ++ t = tarfile.TarInfo('x/') ++ t.type = tarfile.SYMTYPE ++ t.linkname = '..' ++ arc.tar_w.addfile(t) ++ arc.add('x/escaped', content='hi') ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception(tarfile.LinkOutsideDestinationError) ++ ++ @symlink_test ++ @os_helper.skip_unless_symlink ++ def test_link_at_destination(self): ++ # A link member whose name resolves to the destination directory ++ # itself must be rejected: otherwise the destination is replaced ++ # by a symlink and later members can be redirected through it. ++ for name in '', '.', './': ++ with ArchiveMaker() as arc: ++ t = tarfile.TarInfo(name) ++ t.type = tarfile.SYMTYPE ++ t.linkname = '.' ++ arc.tar_w.addfile(t) ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception(tarfile.OutsideDestinationError) ++ ++ @symlink_test ++ @os_helper.skip_unless_symlink ++ def test_empty_name_symlink_chain(self): ++ # Regression test for a chain of empty-named symlinks that ++ # incrementally redirects the destination outwards. ++ with ArchiveMaker() as arc: ++ for name, target in [('', ''), ('a/', '..'), ++ ('', 'dummy'), ('', 'a'), ++ ('b/', '..'), ++ ('', 'dummy'), ('', 'a/b')]: ++ t = tarfile.TarInfo(name) ++ t.type = tarfile.SYMTYPE ++ t.linkname = target ++ arc.tar_w.addfile(t) ++ arc.add('escaped', content='hi') ++ ++ with self.check_context(arc.open(), 'data'): ++ self.expect_exception(tarfile.FilterError) ++ ++ @symlink_test + def test_deep_symlink(self): + # Test that symlinks and hardlinks inside a directory + # point to the correct file (`target` of size 3). diff -Nru python3.13-3.13.5/debian/patches/CVE-2026-8328.patch python3.13-3.13.5/debian/patches/CVE-2026-8328.patch --- python3.13-3.13.5/debian/patches/CVE-2026-8328.patch 1970-01-01 01:00:00.000000000 +0100 +++ python3.13-3.13.5/debian/patches/CVE-2026-8328.patch 2026-06-08 22:58:04.000000000 +0200 @@ -0,0 +1,79 @@ +From bb3446dda6c49b32e67c11dbbbf221b40be00763 Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <[email protected]> +Date: Wed, 13 May 2026 19:58:26 +0200 +Subject: [PATCH] [3.13] gh-87451: Apply CVE-2021-4189 PASV fix to + ftplib.ftpcp() (GH-149648) (#149794) + +--- python3.13-3.13.5.orig/Lib/ftplib.py ++++ python3.13-3.13.5/Lib/ftplib.py +@@ -883,7 +883,16 @@ def ftpcp(source, sourcename, target, ta + type = 'TYPE ' + type + source.voidcmd(type) + target.voidcmd(type) +- sourcehost, sourceport = parse227(source.sendcmd('PASV')) ++ # Don't trust the IPv4 address the source server advertises in its PASV ++ # reply: a malicious source could otherwise point the target's data ++ # connection at an arbitrary host (SSRF). A caller that needs the old ++ # behavior can set trust_server_pasv_ipv4_address on the source FTP ++ # object. See FTP.makepasv(), which applies the same rule. ++ untrusted_host, sourceport = parse227(source.sendcmd('PASV')) ++ if source.trust_server_pasv_ipv4_address: ++ sourcehost = untrusted_host ++ else: ++ sourcehost = source.sock.getpeername()[0] + target.sendport(sourcehost, sourceport) + # RFC 959: the user must "listen" [...] BEFORE sending the + # transfer request. +--- python3.13-3.13.5.orig/Lib/test/test_ftplib.py ++++ python3.13-3.13.5/Lib/test/test_ftplib.py +@@ -16,7 +16,7 @@ try: + except ImportError: + ssl = None + +-from unittest import TestCase, skipUnless ++from unittest import mock, TestCase, skipUnless + from test import support + from test.support import requires_subprocess + from test.support import threading_helper +@@ -1145,6 +1145,40 @@ class TestTimeouts(TestCase): + ftp.close() + + ++class TestFtpcpSecurity(TestCase): ++ """ftpcp() must not trust the host a source server advertises in PASV. ++ ++ A malicious source server can otherwise redirect the target server's ++ data connection to an arbitrary host:port (SSRF), so ftpcp() uses the ++ source server's actual peer address instead, the same as FTP.makepasv(). ++ """ ++ ++ def _make_pair(self, *, advertised_host, real_host, trust=False): ++ source = mock.Mock(spec=ftplib.FTP) ++ source.trust_server_pasv_ipv4_address = trust ++ source.sock.getpeername.return_value = (real_host, 21) ++ # PASV replies give the host as comma-separated octets, not dotted. ++ advertised = advertised_host.replace('.', ',') ++ source.sendcmd.side_effect = lambda cmd: ( ++ f'227 Entering Passive Mode ({advertised},1,2).' ++ if cmd == 'PASV' else '150 ok') ++ target = mock.Mock(spec=ftplib.FTP) ++ target.sendcmd.return_value = '150 ok' ++ return source, target ++ ++ def test_ftpcp_ignores_untrusted_pasv_host(self): ++ source, target = self._make_pair(advertised_host='10.0.0.5', ++ real_host='198.51.100.7') ++ ftplib.ftpcp(source, 'a', target, 'b') ++ target.sendport.assert_called_once_with('198.51.100.7', 258) ++ ++ def test_ftpcp_trust_server_pasv_ipv4_address(self): ++ source, target = self._make_pair(advertised_host='10.0.0.5', ++ real_host='198.51.100.7', trust=True) ++ ftplib.ftpcp(source, 'a', target, 'b') ++ target.sendport.assert_called_once_with('10.0.0.5', 258) ++ ++ + class MiscTestCase(TestCase): + def test__all__(self): + not_exported = { diff -Nru python3.13-3.13.5/debian/patches/CVE-2026-9669.patch python3.13-3.13.5/debian/patches/CVE-2026-9669.patch --- python3.13-3.13.5/debian/patches/CVE-2026-9669.patch 1970-01-01 01:00:00.000000000 +0100 +++ python3.13-3.13.5/debian/patches/CVE-2026-9669.patch 2026-06-08 22:58:08.000000000 +0200 @@ -0,0 +1,82 @@ +From 619a12b2e545391dc436b3af79dda22337382a6f Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <[email protected]> +Date: Mon, 8 Jun 2026 11:55:32 +0200 +Subject: [PATCH] [3.13] gh-150599: Prevent bz2 decompressor reuse after errors + (GH-150600) + +--- python3.13-3.13.5.orig/Lib/test/test_bz2.py ++++ python3.13-3.13.5/Lib/test/test_bz2.py +@@ -1022,6 +1022,21 @@ class BZ2DecompressorTest(BaseTest): + # Previously, a second call could crash due to internal inconsistency + self.assertRaises(Exception, bzd.decompress, self.BAD_DATA * 30) + ++ def test_decompress_after_data_error(self): ++ data = bytes.fromhex( ++ "425a6839314159265359000000000000007fffff000000000000000000000000" ++ "00000000000000000000000000000000000000e0370000000000000000000000" ++ "000000000000000000000000000000000000000000000000000083f3" ++ ) ++ bzd = BZ2Decompressor() ++ with self.assertRaisesRegex(OSError, "Invalid data stream"): ++ bzd.decompress(data) ++ # Previously, a second call could crash due to internal inconsistency ++ self.assertFalse(bzd.needs_input) ++ self.assertFalse(bzd.eof) ++ with self.assertRaisesRegex(ValueError, "previous error"): ++ bzd.decompress(b'\x00' * 18) ++ + @support.refcount_test + def test_refleaks_in___init__(self): + gettotalrefcount = support.get_attribute(sys, 'gettotalrefcount') +--- python3.13-3.13.5.orig/Modules/_bz2module.c ++++ python3.13-3.13.5/Modules/_bz2module.c +@@ -116,6 +116,7 @@ typedef struct { + typedef struct { + PyObject_HEAD + bz_stream bzs; ++ int bzerror; + char eof; /* Py_T_BOOL expects a char */ + PyObject *unused_data; + char needs_input; +@@ -455,8 +456,11 @@ decompress_buf(BZ2Decompressor *d, Py_ss + + d->bzs_avail_in_real += bzs->avail_in; + +- if (catch_bz2_error(bzret)) ++ if (catch_bz2_error(bzret)) { ++ d->bzerror = bzret; ++ d->needs_input = 0; + goto error; ++ } + if (bzret == BZ_STREAM_END) { + d->eof = 1; + break; +@@ -624,10 +628,17 @@ _bz2_BZ2Decompressor_decompress_impl(BZ2 + PyObject *result = NULL; + + ACQUIRE_LOCK(self); +- if (self->eof) ++ if (self->eof) { + PyErr_SetString(PyExc_EOFError, "End of stream already reached"); +- else ++ } ++ else if (self->bzerror) { ++ // Re-entering BZ2_bzDecompress() after an error can write out of bounds. ++ PyErr_SetString(PyExc_ValueError, ++ "Decompressor is unusable after a previous error"); ++ } ++ else { + result = decompress(self, data->buf, data->len, max_length); ++ } + RELEASE_LOCK(self); + return result; + } +@@ -661,6 +672,7 @@ _bz2_BZ2Decompressor_impl(PyTypeObject * + return NULL; + } + ++ self->bzerror = 0; + self->needs_input = 1; + self->bzs_avail_in_real = 0; + self->input_buffer = NULL; diff -Nru python3.13-3.13.5/debian/patches/series python3.13-3.13.5/debian/patches/series --- python3.13-3.13.5/debian/patches/series 2026-05-05 23:05:32.000000000 +0200 +++ python3.13-3.13.5/debian/patches/series 2026-06-08 22:58:08.000000000 +0200 @@ -48,3 +48,8 @@ CVE-2026-4519.patch CVE-2026-6019.patch CVE-2026-6100.patch +CVE-2026-1502.patch +CVE-2026-3276.patch +CVE-2026-7774.patch +CVE-2026-8328.patch +CVE-2026-9669.patch
