Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
python-pip.31589
CVE-2023-5752-r-param-hg.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2023-5752-r-param-hg.patch of Package python-pip.31589
From 389cb799d0da9a840749fcd14878928467ed49b4 Mon Sep 17 00:00:00 2001 From: Pradyun Gedam <pradyunsg@users.noreply.github.com> Date: Sun, 1 Oct 2023 14:10:25 +0100 Subject: [PATCH 1/2] Use `-r=...` instead of `-r ...` for hg This ensures that the resulting revision can not be misinterpreted as an option. --- news/12306.bugfix.rst | 1 + src/pip/_internal/vcs/mercurial.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) --- /dev/null +++ b/news/12306.bugfix.rst @@ -0,0 +1 @@ +Use ``-r=...`` instead of ``-r ...`` to specify references with Mercurial. --- a/src/pip/_internal/vcs/mercurial.py +++ b/src/pip/_internal/vcs/mercurial.py @@ -20,7 +20,7 @@ class Mercurial(VersionControl): schemes = ('hg', 'hg+http', 'hg+https', 'hg+ssh', 'hg+static-http') def get_base_rev_args(self, rev): - return [rev] + return ["-r={}".format(rev)] def export(self, location): """Export the Hg repository at the url to the destination location"""
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor