diff options
| author | Steve Dower <steve.dower@python.org> | 2024-05-09 11:52:11 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-09 11:52:11 (GMT) |
| commit | d86b49411753bf2c83291e3a14ae43fefded2f84 (patch) | |
| tree | 28fcb88cbe08609d9b1368bfd7f3fe16836b4b4f /Doc/whatsnew | |
| parent | 632682c0c27f51aa20fa27d1acf80d38997e4022 (diff) | |
| download | cpython-d86b49411753bf2c83291e3a14ae43fefded2f84.zip cpython-d86b49411753bf2c83291e3a14ae43fefded2f84.tar.gz cpython-d86b49411753bf2c83291e3a14ae43fefded2f84.tar.bz2 | |
gh-118486: Update docs for CVE-2024-4030 reference (GH-118737)
Update docs for CVE-2024-4030 reference
Diffstat (limited to 'Doc/whatsnew')
| -rw-r--r-- | Doc/whatsnew/3.13.rst | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/Doc/whatsnew/3.13.rst b/Doc/whatsnew/3.13.rst index 69264a3..8e90fae 100644 --- a/Doc/whatsnew/3.13.rst +++ b/Doc/whatsnew/3.13.rst @@ -847,6 +847,12 @@ os :c:func:`!posix_spawn_file_actions_addclosefrom_np`. (Contributed by Jakub Kulik in :gh:`113117`.) +* :func:`os.mkdir` and :func:`os.makedirs` on Windows now support passing a + *mode* value of ``0o700`` to apply access control to the new directory. This + implicitly affects :func:`tempfile.mkdtemp` and is a mitigation for + :cve:`2024-4030`. Other values for *mode* continue to be ignored. + (Contributed by Steve Dower in :gh:`118486`.) + os.path ------- @@ -989,6 +995,14 @@ sys This function is not guaranteed to exist in all implementations of Python. (Contributed by Serhiy Storchaka in :gh:`78573`.) +tempfile +-------- + +* On Windows, the default mode ``0o700`` used by :func:`tempfile.mkdtemp` now + limits access to the new directory due to changes to :func:`os.mkdir`. This + is a mitigation for :cve:`2024-4030`. + (Contributed by Steve Dower in :gh:`118486`.) + time ---- |