Overview

File CVE-2015-20107-mailcap-unsafe-filenames.patch of Package python310.26738

From c3e7f139b440d7424986204e9f3fc2275aea3377 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <encukou@gmail.com>
Date: Wed, 27 Apr 2022 18:17:33 +0200
Subject: [PATCH 1/4] gh-68966: Make mailcap refuse to match unsafe
 filenames/types/params

---
 Doc/library/mailcap.rst                                                 |   12 ++++++++++
 Lib/mailcap.py                                                          |    5 ++++
 Misc/NEWS.d/next/Security/2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst |    4 +++
 3 files changed, 21 insertions(+)

--- a/Doc/library/mailcap.rst
+++ b/Doc/library/mailcap.rst
@@ -27,6 +27,18 @@ The mailcap format is documented in :rfc
 Mechanism For Multimedia Mail Format Information", but is not an internet
 standard.  However, mailcap files are supported on most Unix systems.
 
+   .. versionchanged:: 3.11
+
+      To prevent security issues with shell metacharacters (symbols that have
+      special effects in a shell command line), ``findmatch`` will refuse
+      to inject ASCII characters other than alphanumerics and ``@+=:,./-_``
+      into the returned command line.
+
+      If a disallowed character appears in *filename*, ``findmatch`` will always
+      return ``(None, None)`` as if no entry was found.
+      If such a character appears elsewhere (a value in *plist* or in *MIMEtype*),
+      ``findmatch`` will ignore all mailcap entries which use that value.
+      A :mod:`warning <warnings>` will be raised in either case.
 
 .. function:: findmatch(caps, MIMEtype, key='view', filename='/dev/null', plist=[])
 
--- a/Lib/mailcap.py
+++ b/Lib/mailcap.py
@@ -19,6 +19,11 @@ _find_unsafe = re.compile(r'[^\xa1-\U001
 class UnsafeMailcapInput(Warning):
     """Warning raised when refusing unsafe input"""
 
+_find_unsafe = re.compile(r'[^\xa1-\U0010FFFF\w@+=:,./-]').search
+
+class UnsafeMailcapInput(Warning):
+    """Warning raised when refusing unsafe input"""
+
 
 # Part 1: top-level interface.
 
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2022-04-27-18-25-30.gh-issue-68966.gjS8zs.rst
@@ -0,0 +1,4 @@
+The deprecated mailcap module now refuses to inject unsafe text (filenames,
+MIME types, parameters) into shell commands. Instead of using such text, it
+will warn and act as if a match was not found (or for test commands, as if
+the test failed).
openSUSE Build Service is sponsored by
Places