Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
python-configobj
CVE-2023-26112.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2023-26112.patch of Package python-configobj
From a82ea8fb0338f2bd46cf627c4b763094448e6bd7 Mon Sep 17 00:00:00 2001 From: cdcadman <mythirty@gmail.com> Date: Wed, 17 May 2023 03:57:08 -0700 Subject: [PATCH] Address CVE-2023-26112 ReDoS --- src/configobj/validate.py | 2 +- src/tests/test_validate_errors.py | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/validate.py b/validate.py index 9267a3f..98d879f 100644 --- a/validate.py +++ b/validate.py @@ -541,7 +541,7 @@ class Validator(object): """ # this regex does the initial parsing of the checks - _func_re = re.compile(r'(.+?)\((.*)\)', re.DOTALL) + _func_re = re.compile(r'([^\(\)]+?)\((.*)\)', re.DOTALL) # this regex takes apart keyword arguments _key_arg = re.compile(r'^([a-zA-Z_][a-zA-Z0-9_]*)\s*=\s*(.*)$', re.DOTALL)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor