Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Not able to apply the patches from #1521 PR#1529

Answeredbystsewd
nrpt-m asked this question inQ&A
Discussion options

Hi@Byron ,

I am working on fixing theCVE-2022-24439 on our source code. Our product is currently having python3-git with 3.1.27 version. As I got to know that#1521 PR is fixing theCVE-2022-24439 so, started backporting the patches. But, after applying patches observed that in our python3-git source code there is no "test/" directory available and due to which patches are failing to apply.

Later on found that there no test/ directory in original tarball downloaded from thishttps://files.pythonhosted.org/packages/source/G/GitPython/GitPython-3.1.27.tar.gz

Could you please tell me if I can ignore the changes in test/ directory & apply the patches then, will it fix theCVE-2022-24439 issue ? If not then how to fix thisCVE-2022-24439 in this source code where test/ directory is not at available ?

Thanks.

You must be logged in to vote

You should be good ignoring the changes to tests, make also sure to apply the changes from#1518.

Replies: 1 comment 7 replies

Comment options

You should be good ignoring the changes to tests, make also sure to apply the changes from#1518.

You must be logged in to vote
7 replies
@nrpt-m
Comment options

@stsewd Could you please check these patches & confirm if these patches will be able to fix theCVE-2022-24439 ?

@stsewd
Comment options

Hi there, I've been busy, took a quick look and patches look okay.

@nrpt-m
Comment options

Thanks a lot@stsewd &@Byron !!

@philsuth
Comment options

@nrpt-m - In line 294 of your PR1521 patch I think there's an indentation error (breaking line 700 of remote.py): the "url = Git.polish_url(url)" is indented one space too far. Noticed this over in yocto/poky where the patches have been recently merged into Kirkstone. Will you follow up there or should I?

@nrpt-m
Comment options

@philsuth, Thanks for your sharp observations. It would be great help if you could follow up there.

Answer selected bynrpt-m
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Category
Q&A
Labels
None yet
4 participants
@nrpt-m@Byron@stsewd@philsuth
[8]ページ先頭
©2009-2025 Movatter.jp