diff options
| author | Natalia <124304+nessita@users.noreply.github.com> | 2026-01-21 18:03:20 -0300 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2026-03-03 09:09:32 -0300 |
| commit | 019e44f67a8dace67b786e2818938c8691132988 (patch) | |
| tree | 237a80ce8cc5a35a18968b92da5827c5131f829f /scripts/prepare_commit_msg.py | |
| parent | 951ffb3832cd83ba672c1e3deae2bda128eb9cca (diff) | |
Fixed CVE-2026-25674 -- Prevented potentially incorrect permissions on file system object creation.
This fix introduces `safe_makedirs()` in the `os` utils as a safer
alternative to `os.makedirs()` that avoids umask-related race conditions
in multi-threaded environments.
This is a workaround for https://github.com/python/cpython/issues/86533
and the solution is based on the fix being proposed for CPython.
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Zackery Spytz <zspytz@gmail.com>
Refs CVE-2020-24583 and #31921.
Thanks Tarek Nakkouch for the report, and Jake Howard, Jacob Walls, and
Shai Berger for reviews.
Diffstat (limited to 'scripts/prepare_commit_msg.py')
0 files changed, 0 insertions, 0 deletions
