Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 0f090f0

Browse filesBrowse files
zoobazooba
committed
Update docs for CVE-2024-4030 reference
1 parent 81939da commit 0f090f0
Copy full SHA for 0f090f0

File tree

Expand file treeCollapse file tree

3 files changed

+18
-2
lines changed
Filter options
Expand file treeCollapse file tree

3 files changed

+18
-2
lines changed

‎Doc/whatsnew/3.13.rst

Copy file name to clipboardExpand all lines: Doc/whatsnew/3.13.rst
+14Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -641,6 +641,12 @@ os
641641
:c:func:`!posix_spawn_file_actions_addclosefrom_np`.
642642
(Contributed by Jakub Kulik in :gh:`113117`.)
643643

644+
* :func:`os.mkdir` and :func:`os.makedirs` on Windows now support passing a
645+
*mode* value of ``0o700`` to apply access control to the new directory. This
646+
implicitly affects :func:`tempfile.mkdtemp` and is a mitigation for
647+
:cve:`2024-4030`. Other values for *mode* continue to be ignored.
648+
(Contributed by Steve Dower in :gh:`118486`.)
649+
644650
os.path
645651
-------
646652

@@ -767,6 +773,14 @@ sys
767773
This function is not guaranteed to exist in all implementations of Python.
768774
(Contributed by Serhiy Storchaka in :gh:`78573`.)
769775

776+
tempfile
777+
--------
778+
779+
* On Windows, the default mode ``0o700`` used by :func:`tempfile.mkdtemp` now
780+
limits access to the new directory due to changes to :func:`os.mkdir`. This
781+
is a mitigation for :cve:`2024-4030`.
782+
(Contributed by Steve Dower in :gh:`118486`.)
783+
770784
time
771785
----
772786

‎Misc/NEWS.d/next/Security/2024-05-01-20-57-09.gh-issue-118486.K44KJG.rst

Copy file name to clipboard
+4Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
:func:`os.mkdir` on Windows now accepts *mode* of ``0o700`` to restrict
2+
the new directory to the current user. This fixes :cve:`2024-4030`
3+
affecting :func:`tempfile.mkdtemp` in scenarios where the base temporary
4+
directory is more permissive than the default.

‎Misc/NEWS.d/next/Windows/2024-05-01-20-57-09.gh-issue-118486.K44KJG.rst

Copy file name to clipboardExpand all lines: Misc/NEWS.d/next/Windows/2024-05-01-20-57-09.gh-issue-118486.K44KJG.rst
-2Lines changed: 0 additions & 2 deletions
This file was deleted.

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.