Address PEP 706 - Filter for tarfile.extractall #7294
Comments
p12tic
pushed a commit
to p12tic/buildbot
that referenced
this issue
Dec 22, 2023
See PEP 706 - Filter for tarfile.extractall (https://peps.python.org/pep-0706/) Python 3.12 report this as warning: Python 3.14 will, by default, filter extracted tar archives and reject files or modify their metadata. Use the filter argument to control this behavior Fixes buildbot#7294
p12tic
pushed a commit
to p12tic/buildbot
that referenced
this issue
Dec 22, 2023
See PEP 706 - Filter for tarfile.extractall (https://peps.python.org/pep-0706/) Python 3.12 report this as warning: Python 3.14 will, by default, filter extracted tar archives and reject files or modify their metadata. Use the filter argument to control this behavior Fixes buildbot#7294
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Given proposal improves security of tarfile extraction to help avoid CVE-2007-4559.
fully_trustedfilter.datafilter.It seems given proposal was backported also to older version of Python.
Reference: https://peps.python.org/pep-0706/
The text was updated successfully, but these errors were encountered: