https://github.com/python/cpython/commit/a86de0bc236fbb9452f98998fc8437e9fca35700
commit: a86de0bc236fbb9452f98998fc8437e9fca35700
branch: 3.15
author: Miss Islington (bot) <[email protected]>
committer: zooba <[email protected]>
date: 2026-06-17T16:42:35+01:00
summary:

[3.15] gh-151544: Fixes CVE-2026-12003 by removing the fallback to 
%VPATH%/Modules/Setup.local for discovering sources in getpath.py (GH-151545)

(cherry picked from commit 9e863fab283eddca9c2a8f9d1ee30f4dc243e314)

Co-authored-by: Steve Dower <[email protected]>

files:
A Misc/NEWS.d/next/Security/2026-06-16-14-58-02.gh-issue-151544._bexVy.rst
M Makefile.pre.in
M Modules/getpath.py

diff --git a/Makefile.pre.in b/Makefile.pre.in
index 9c358bc6fbc6818..e411160d3ba8420 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -1709,6 +1709,8 @@ Programs/_bootstrap_python.o: 
Programs/_bootstrap_python.c $(BOOTSTRAP_HEADERS)
 _bootstrap_python: $(LIBRARY_OBJS_OMIT_FROZEN) Programs/_bootstrap_python.o 
Modules/getpath.o Modules/Setup.local
        $(LINKCC) $(PY_LDFLAGS_NOLTO) -o $@ $(LIBRARY_OBJS_OMIT_FROZEN) \
                Programs/_bootstrap_python.o Modules/getpath.o $(LIBS) 
$(MODLIBS) $(SYSLIBS)
+       # Dummy pybuilddir.txt  is needed for _bootstrap_python to be runnable
+       @echo "none" > ./pybuilddir.txt
 
 
 ############################################################################
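Review bot: The added `@echo "none" > ./pybuilddir.txt` line makes the `_bootstrap_python` recipe write a file that is not `$@`, and after this commit that file is the only source-tree landmark getpath.py accepts. Nothing visible in this hunk orders the write against whichever rule produces the real pybuilddir.txt. Under `make -j`, or if that rule treats the placeholder as up to date, the literal `none` could be read as the relative platlib path, so it is worth confirming that the real rule always runs afterwards and that the clean targets remove the placeholder. The tab-indented `#` line is a recipe line, so it is passed to the shell and echoed on every link; `@# Dummy pybuilddir.txt is needed for _bootstrap_python to be runnable` keeps it quiet and drops the doubled space.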
diff --git 
a/Misc/NEWS.d/next/Security/2026-06-16-14-58-02.gh-issue-151544._bexVy.rst 
b/Misc/NEWS.d/next/Security/2026-06-16-14-58-02.gh-issue-151544._bexVy.rst
new file mode 100644
index 000000000000000..418e3b4b9677943
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2026-06-16-14-58-02.gh-issue-151544._bexVy.rst
@@ -0,0 +1,4 @@
+:file:`Modules/Setup.local` is no longer used as a landmark to discover
+whether Python is running in a source tree, as it could potentially affect
+actual installs. The :file:`pybuilddir.txt` file is now the sole indicator
+of running in a source tree.
diff --git a/Modules/getpath.py b/Modules/getpath.py
index 4dceb5cdc8dfcf0..6199567bd777aa0 100644
--- a/Modules/getpath.py
+++ b/Modules/getpath.py
@@ -129,8 +129,7 @@
 # checked by looking for the BUILDDIR_TXT file, which contains the
 # relative path to the platlib dir. The executable_dir value is
 # derived from joining the VPATH preprocessor variable to the
-# directory containing pybuilddir.txt. If it is not found, the
-# BUILD_LANDMARK file is found, which is part of the source tree.
+# directory containing pybuilddir.txt.
 # prefix is then found by searching up for a file that should only
 # exist in the source tree, and the stdlib dir is set to prefix/Lib.
 
@@ -177,7 +176,6 @@
 
 if os_name == 'posix' or os_name == 'darwin':
     BUILDDIR_TXT = 'pybuilddir.txt'
-    BUILD_LANDMARK = 'Modules/Setup.local'
     DEFAULT_PROGRAM_NAME = f'python{VERSION_MAJOR}'
     STDLIB_SUBDIR = 
f'{platlibdir}/python{VERSION_MAJOR}.{VERSION_MINOR}{ABI_THREAD}'
     STDLIB_LANDMARKS = [f'{STDLIB_SUBDIR}/os.py', f'{STDLIB_SUBDIR}/os.pyc']
@@ -190,7 +188,6 @@
 
 elif os_name == 'nt':
     BUILDDIR_TXT = 'pybuilddir.txt'
-    BUILD_LANDMARK = f'{VPATH}\\Modules\\Setup.local'
     DEFAULT_PROGRAM_NAME = f'python'
     STDLIB_SUBDIR = 'Lib'
     STDLIB_LANDMARKS = [f'{STDLIB_SUBDIR}\\os.py', f'{STDLIB_SUBDIR}\\os.pyc']
@@ -513,13 +510,9 @@ def search_up(prefix, *landmarks, test=isfile):
         platstdlib_dir = real_executable_dir
         build_prefix = joinpath(real_executable_dir, VPATH)
     except (FileNotFoundError, PermissionError):
-        if isfile(joinpath(real_executable_dir, BUILD_LANDMARK)):
-            build_prefix = joinpath(real_executable_dir, VPATH)
-            if os_name == 'nt':
-                # QUIRK: Windows builds need platstdlib_dir to be the 
executable
-                # dir. Normally the builddir marker handles this, but in this
-                # case we need to correct manually.
-                platstdlib_dir = real_executable_dir
+        # We used to check for an alternate landmark here, but now we require
+        # BUILDDIR_TXT to exist. (gh-151544; CVE-2026-12003)
+        pass
 
     if build_prefix:
         if os_name == 'nt':
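Review bot: No regression test accompanies the removal of the `BUILD_LANDMARK` fallback in this `except` branch; the commit's file list holds only the Makefile, the NEWS entry and getpath.py. A case in the getpath tests would pin the security fix if it places `Modules/Setup.local` beside the executable without `pybuilddir.txt` and asserts that `build_prefix` stays unset. The `try` body starts outside the hunk, so which reads can raise `FileNotFoundError` or `PermissionError` is not visible here. If the open can fail in other ways, for example on a directory named `pybuilddir.txt`, confirm that the failure is intended to propagate rather than be treated as "not a source tree". The new comment could also say what the branch now means, e.g. `# No BUILDDIR_TXT: not a source tree, leave build_prefix unset.`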
