Your message dated Sun, 11 Jan 2026 22:08:40 +0000
with message-id <[email protected]>
and subject line Re: Bug#1125105: trixie-pu: package
python-filelock/3.18.0-1+deb13u1
has caused the Debian Bug report #1125105,
regarding trixie-pu: package python-filelock/3.18.0-1+deb13u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1125105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125105
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:python-filelock
User: [email protected]
Usertags: pu
[ Reason ]
Fixes CVE-2025-68146, a Time-of-Check-Time-of-Use (TOCTOU) race condition
which allows local attackers to corrupt or truncate arbitrary user files
through symlink attacks.
[ Impact ]
Potential exploitation of the vulnerability, leading to integrity
violations if not addressed. Also see ticket #1123510 [1]
[ Tests ]
Unit tests included with the package succeed.
[ Risks ]
Low risk IMHO; the fix is exclusively targeted towards the vulnerability
in question. Most of the patch code lines actually deal with the (more
complex) Windows case. O_NOFOLLOW should be available on Debian.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[ ] the issue is verified as fixed in unstable
[ Changes ]
Added a patch which adds O_NOFOLLOW flag to os.open() call in
UnixFileLock._acquire(), hence ensuring the system returns the ELOOP
error if lock path is a symlink, preventing the attack.
[ Other info ]
None as far as I would consider important.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123510
diff -Nru python-filelock-3.18.0/debian/changelog
python-filelock-3.18.0/debian/changelog
--- python-filelock-3.18.0/debian/changelog 2025-03-22 00:19:37.000000000
+0100
+++ python-filelock-3.18.0/debian/changelog 2026-01-07 14:16:28.000000000
+0100
@@ -1,3 +1,12 @@
+python-filelock (3.18.0-1+deb13u1) trixie; urgency=medium
+
+ * Add patch: cve-2025-68146.patch
+ This addresses CVE-2025-68146 by including the patch from upstream.
+ (commit e84510eac948b5b6027b24025f421a650cbd9749)
+ Closes: #112351
+
+ -- Sascha Steinbiss <[email protected]> Wed, 07 Jan 2026 14:16:28 +0100
+
python-filelock (3.18.0-1) unstable; urgency=medium
* New upstream release.
diff -Nru python-filelock-3.18.0/debian/patches/cve-2025-68146.patch
python-filelock-3.18.0/debian/patches/cve-2025-68146.patch
--- python-filelock-3.18.0/debian/patches/cve-2025-68146.patch 1970-01-01
01:00:00.000000000 +0100
+++ python-filelock-3.18.0/debian/patches/cve-2025-68146.patch 2026-01-07
14:16:21.000000000 +0100
@@ -0,0 +1,101 @@
+From e84510eac948b5b6027b24025f421a650cbd9749 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bern=C3=A1t=20G=C3=A1bor?= <[email protected]>
+Date: Mon, 15 Dec 2025 08:49:14 -0800
+Subject: [PATCH] Fix TOCTOU symlink vulnerability in lock file creation
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+A race condition existed between checking if the lock file exists and opening
it with O_TRUNC, allowing
+local attackers to create a symlink pointing to victim files. When the lock
was acquired, os.open() would
+follow the symlink and truncate the target file, causing data loss or
corruption.
+
+The vulnerability affected both Unix and Windows platforms and cascaded
through dependent libraries:
+- virtualenv: Could overwrite user configs with virtualenv metadata, leaking
file contents
+- PyTorch: Could truncate CPU ISA cache causing crashes, or corrupt compiled
model checkpoints preventing
+ model loading (DoS for ML pipelines)
+
+Unix/Linux/macOS fix:
+- Add O_NOFOLLOW flag to os.open() call in UnixFileLock._acquire()
+- System returns ELOOP error if lock path is a symlink, preventing the attack
+
+Windows fix:
+- Use GetFileAttributesW API via ctypes to detect reparse points
(symlinks/junctions)
+- Refuse to open lock file if FILE_ATTRIBUTE_REPARSE_POINT flag is set
+- Raises OSError before attempting to open, closing the race window
+
+This addresses CWE-362 (Race Condition), CWE-367 (TOCTOU), and CWE-59 (Link
Following).
+
+Reported-by: @tsigouris007
+Signed-off-by: Bernát Gábor <[email protected]>
+---
+ src/filelock/_unix.py | 2 +-
+ src/filelock/_windows.py | 38 ++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 39 insertions(+), 1 deletion(-)
+
+--- a/src/filelock/_unix.py
++++ b/src/filelock/_unix.py
+@@ -38,7 +38,7 @@
+
+ def _acquire(self) -> None:
+ ensure_directory_exists(self.lock_file)
+- open_flags = os.O_RDWR | os.O_TRUNC
++ open_flags = os.O_RDWR | os.O_TRUNC | os.O_NOFOLLOW
+ if not Path(self.lock_file).exists():
+ open_flags |= os.O_CREAT
+ fd = os.open(self.lock_file, open_flags, self._context.mode)
+--- a/src/filelock/_windows.py
++++ b/src/filelock/_windows.py
+@@ -11,7 +11,38 @@
+ from ._util import ensure_directory_exists, raise_on_not_writable_file
+
+ if sys.platform == "win32": # pragma: win32 cover
++ import ctypes
+ import msvcrt
++ from ctypes import wintypes
++
++ # Windows API constants for reparse point detection
++ FILE_ATTRIBUTE_REPARSE_POINT = 0x00000400
++ INVALID_FILE_ATTRIBUTES = 0xFFFFFFFF
++
++ # Load kernel32.dll
++ _kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)
++ _kernel32.GetFileAttributesW.argtypes = [wintypes.LPCWSTR]
++ _kernel32.GetFileAttributesW.restype = wintypes.DWORD
++
++ def _is_reparse_point(path: str) -> bool:
++ """
++ Check if a path is a reparse point (symlink, junction, etc.) on
Windows.
++
++ :param path: Path to check
++ :return: True if path is a reparse point, False otherwise
++ :raises OSError: If GetFileAttributesW fails for reasons other than
file-not-found
++ """
++ attrs = _kernel32.GetFileAttributesW(path)
++ if attrs == INVALID_FILE_ATTRIBUTES:
++ # File doesn't exist yet - that's fine, we'll create it
++ err = ctypes.get_last_error()
++ if err == 2: # noqa: PLR2004 # ERROR_FILE_NOT_FOUND
++ return False
++ if err == 3: # noqa: PLR2004 # ERROR_PATH_NOT_FOUND
++ return False
++ # Some other error - let caller handle it
++ return False
++ return bool(attrs & FILE_ATTRIBUTE_REPARSE_POINT)
+
+ class WindowsFileLock(BaseFileLock):
+ """Uses the :func:`msvcrt.locking` function to hard lock the lock
file on Windows systems."""
+@@ -19,6 +50,13 @@
+ def _acquire(self) -> None:
+ raise_on_not_writable_file(self.lock_file)
+ ensure_directory_exists(self.lock_file)
++
++ # Security check: Refuse to open reparse points (symlinks,
junctions)
++ # This prevents TOCTOU symlink attacks (CVE-TBD)
++ if _is_reparse_point(self.lock_file):
++ msg = f"Lock file is a reparse point (symlink/junction):
{self.lock_file}"
++ raise OSError(msg)
++
+ flags = (
+ os.O_RDWR # open for read and write
+ | os.O_CREAT # create file if not exists
diff -Nru python-filelock-3.18.0/debian/patches/series
python-filelock-3.18.0/debian/patches/series
--- python-filelock-3.18.0/debian/patches/series 1970-01-01
01:00:00.000000000 +0100
+++ python-filelock-3.18.0/debian/patches/series 2026-01-07
14:16:15.000000000 +0100
@@ -0,0 +1 @@
+cve-2025-68146.patch
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 13.3
This update was released with Debian 13.3.
--
Jonathan Wiltshire [email protected]
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
--- End Message ---
