samba.git/python/samba/tests/safe_tarfile.py, branch talloc-2.4.2 Unnamed repository; edit this file 'description' to name the repository. python: Remove unused imports 2023-08-30T02:15:29+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2023-08-24T23:09:52+00:00 fce882ab67186fddd957404fe62f84d41380895c Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
python:tests: Fix typos 2023-06-25T23:29:32+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2023-06-12T22:34:39+00:00 b11ad8b137619a73853f7d6dc5e749305149c677 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
python:tests: Adopt safe_tarfile for extraction_filter raises 2023-06-14T22:57:34+00:00 Andreas Schneider asn@samba.org 2023-06-06T14:06:57+00:00 ebaa00816259cbae5c45ebf0ba5fb260b09e4695 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
CVE-2007-4559 python: ensure sanity in our tarfiles 2022-10-04T03:48:43+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2022-09-23T00:32:25+00:00 37406b9d97f123576c811b9fe22b39b02af62f83 Python's tarfile module is not very careful about paths that step out of the target directory. We can be a bit better at little cost. This was reported in 2007[1], and has recently been publicised [2, for example]. We were informed of this bug in December 2021 by Luis Alberto López Alvar, but decided then that there were no circumstances under which this was a security concern. That is, if you can alter the backup files, you can already do worse things. But there is a case to guard against an administrator being tricked into trying to restore a file that isn't based on a real backup. [1] https://nvd.nist.gov/vuln/detail/CVE-2007-4559 [2] https://www.theregister.com/2022/09/22/python_vulnerability_tarfile/ BUG: https://bugzilla.samba.org/show_bug.cgi?id=15185 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Oct 4 03:48:43 UTC 2022 on sn-devel-184 
Python's tarfile module is not very careful about paths that step out
of the target directory. We can be a bit better at little cost.

This was reported in 2007[1], and has recently been publicised [2, for
example].

We were informed of this bug in December 2021 by Luis Alberto López
Alvar, but decided then that there were no circumstances under which
this was a security concern. That is, if you can alter the backup
files, you can already do worse things. But there is a case to guard
against an administrator being tricked into trying to restore a file
that isn't based on a real backup.

[1] https://nvd.nist.gov/vuln/detail/CVE-2007-4559
[2] https://www.theregister.com/2022/09/22/python_vulnerability_tarfile/

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15185

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Oct  4 03:48:43 UTC 2022 on sn-devel-184