[3.12] gh-148395: Fix a possible UAF in `{LZMA,BZ2,_Zlib}Decompressor` (GH-148396) by miss-islington · Pull Request #148503 · python/cpython
Navigation Menu
{{ message }}
- Notifications You must be signed in to change notification settings
- Fork 34.4k
Open
miss-islington wants to merge 3 commits intopython:3.12from
Open
[3.12] gh-148395: Fix a possible UAF in {LZMA,BZ2,_Zlib}Decompressor (GH-148396)#148503
miss-islington wants to merge 3 commits intopython:3.12from
[3.12] gh-148395: Fix a possible UAF in {LZMA,BZ2,_Zlib}Decompressor (GH-148396)#148503
miss-islington wants to merge 3 commits intopython:3.12from
Conversation
Copy link Copy Markdown
Contributor
Fix dangling input pointer after MemoryError in _lzma/_bz2/_ZlibDecompressor.decompress
(cherry picked from commit 8fc66ae)
Co-authored-by: Stan Ulbrych stan@python.org
…pythonGH-148396) Fix dangling input pointer after `MemoryError` in _lzma/_bz2/_ZlibDecompressor.decompress (cherry picked from commit 8fc66ae) Co-authored-by: Stan Ulbrych <stan@python.org>
bedevere-app
bot
mentioned this pull request
bedevere-app
bot
added
the
awaiting review
label
bedevere-app
bot
mentioned this pull request
Misc/NEWS.d/next/Security/2026-04-10-16-28-21.gh-issue-148395.kfzm0G.rst
Show resolved
Hide resolved
Misc/NEWS.d/next/Security/2026-04-10-16-28-21.gh-issue-148395.kfzm0G.rst Show resolved Hide resolved
Copy link Copy Markdown
Member
StanFromIreland
commented
Apr 13, 2026
StanFromIreland commented
Apr 13, 2026Damn, too many tabs and I edited the wrong backport :-/
Misc/NEWS.d/next/Security/2026-04-10-16-28-21.gh-issue-148395.kfzm0G.rst
Outdated
Show resolved
Hide resolved
Misc/NEWS.d/next/Security/2026-04-10-16-28-21.gh-issue-148395.kfzm0G.rst Outdated Show resolved Hide resolved
StanFromIreland
assigned
Yhg1s
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment