Bug#1125105: marked as done (trixie-pu: package python-filelock/3.18.0-1+deb13u1)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sun, 11 Jan 2026 22:08:40 +0000
with message-id <aWQfaERUhTaQl2FC@powdarrmonkey.net>
and subject line Re: Bug#1125105: trixie-pu: package python-filelock/3.18.0-1+deb13u1
has caused the Debian Bug report #1125105,
regarding trixie-pu: package python-filelock/3.18.0-1+deb13u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1125105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125105
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: trixie-pu: package python-filelock/3.18.0-1+deb13u1
• From: Sascha Steinbiss <satta@debian.org>
• Date: Fri, 09 Jan 2026 12:41:11 +0100
• Message-id: <[🔎] 176795887139.1223402.17859939445297626081.reportbug@BLN04NB0421>

Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: python-filelock@packages.debian.org
Control: affects -1 + src:python-filelock
User: release.debian.org@packages.debian.org
Usertags: pu

[ Reason ]
Fixes CVE-2025-68146, a Time-of-Check-Time-of-Use (TOCTOU) race condition
which allows local attackers to corrupt or truncate arbitrary user files
through symlink attacks.

[ Impact ]
Potential exploitation of the vulnerability, leading to integrity
violations if not addressed. Also see ticket #1123510 [1]

[ Tests ]
Unit tests included with the package succeed.

[ Risks ]
Low risk IMHO; the fix is exclusively targeted towards the vulnerability
in question. Most of the patch code lines actually deal with the (more
complex) Windows case. O_NOFOLLOW should be available on Debian.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [ ] the issue is verified as fixed in unstable

[ Changes ]
Added a patch which adds O_NOFOLLOW flag to os.open() call in
UnixFileLock._acquire(), hence ensuring the system returns the ELOOP
error if lock path is a symlink, preventing the attack.

[ Other info ]
None as far as I would consider important.

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123510

diff -Nru python-filelock-3.18.0/debian/changelog python-filelock-3.18.0/debian/changelog
--- python-filelock-3.18.0/debian/changelog	2025-03-22 00:19:37.000000000 +0100
+++ python-filelock-3.18.0/debian/changelog	2026-01-07 14:16:28.000000000 +0100
@@ -1,3 +1,12 @@
+python-filelock (3.18.0-1+deb13u1) trixie; urgency=medium
+
+  * Add patch: cve-2025-68146.patch
+    This addresses CVE-2025-68146 by including the patch from upstream.
+    (commit e84510eac948b5b6027b24025f421a650cbd9749)
+    Closes: #112351
+
+ -- Sascha Steinbiss <satta@debian.org>  Wed, 07 Jan 2026 14:16:28 +0100
+
 python-filelock (3.18.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru python-filelock-3.18.0/debian/patches/cve-2025-68146.patch python-filelock-3.18.0/debian/patches/cve-2025-68146.patch
--- python-filelock-3.18.0/debian/patches/cve-2025-68146.patch	1970-01-01 01:00:00.000000000 +0100
+++ python-filelock-3.18.0/debian/patches/cve-2025-68146.patch	2026-01-07 14:16:21.000000000 +0100
@@ -0,0 +1,101 @@
+From e84510eac948b5b6027b24025f421a650cbd9749 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bern=C3=A1t=20G=C3=A1bor?= <bgabor8@bloomberg.net>
+Date: Mon, 15 Dec 2025 08:49:14 -0800
+Subject: [PATCH] Fix TOCTOU symlink vulnerability in lock file creation
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+A race condition existed between checking if the lock file exists and opening it with O_TRUNC, allowing
+local attackers to create a symlink pointing to victim files. When the lock was acquired, os.open() would
+follow the symlink and truncate the target file, causing data loss or corruption.
+
+The vulnerability affected both Unix and Windows platforms and cascaded through dependent libraries:
+- virtualenv: Could overwrite user configs with virtualenv metadata, leaking file contents
+- PyTorch: Could truncate CPU ISA cache causing crashes, or corrupt compiled model checkpoints preventing
+  model loading (DoS for ML pipelines)
+
+Unix/Linux/macOS fix:
+- Add O_NOFOLLOW flag to os.open() call in UnixFileLock._acquire()
+- System returns ELOOP error if lock path is a symlink, preventing the attack
+
+Windows fix:
+- Use GetFileAttributesW API via ctypes to detect reparse points (symlinks/junctions)
+- Refuse to open lock file if FILE_ATTRIBUTE_REPARSE_POINT flag is set
+- Raises OSError before attempting to open, closing the race window
+
+This addresses CWE-362 (Race Condition), CWE-367 (TOCTOU), and CWE-59 (Link Following).
+
+Reported-by: @tsigouris007
+Signed-off-by: Bernát Gábor <bgabor8@bloomberg.net>
+---
+ src/filelock/_unix.py    |  2 +-
+ src/filelock/_windows.py | 38 ++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 39 insertions(+), 1 deletion(-)
+
+--- a/src/filelock/_unix.py
++++ b/src/filelock/_unix.py
+@@ -38,7 +38,7 @@
+ 
+         def _acquire(self) -> None:
+             ensure_directory_exists(self.lock_file)
+-            open_flags = os.O_RDWR | os.O_TRUNC
++            open_flags = os.O_RDWR | os.O_TRUNC | os.O_NOFOLLOW
+             if not Path(self.lock_file).exists():
+                 open_flags |= os.O_CREAT
+             fd = os.open(self.lock_file, open_flags, self._context.mode)
+--- a/src/filelock/_windows.py
++++ b/src/filelock/_windows.py
+@@ -11,7 +11,38 @@
+ from ._util import ensure_directory_exists, raise_on_not_writable_file
+ 
+ if sys.platform == "win32":  # pragma: win32 cover
++    import ctypes
+     import msvcrt
++    from ctypes import wintypes
++
++    # Windows API constants for reparse point detection
++    FILE_ATTRIBUTE_REPARSE_POINT = 0x00000400
++    INVALID_FILE_ATTRIBUTES = 0xFFFFFFFF
++
++    # Load kernel32.dll
++    _kernel32 = ctypes.WinDLL("kernel32", use_last_error=True)
++    _kernel32.GetFileAttributesW.argtypes = [wintypes.LPCWSTR]
++    _kernel32.GetFileAttributesW.restype = wintypes.DWORD
++
++    def _is_reparse_point(path: str) -> bool:
++        """
++        Check if a path is a reparse point (symlink, junction, etc.) on Windows.
++
++        :param path: Path to check
++        :return: True if path is a reparse point, False otherwise
++        :raises OSError: If GetFileAttributesW fails for reasons other than file-not-found
++        """
++        attrs = _kernel32.GetFileAttributesW(path)
++        if attrs == INVALID_FILE_ATTRIBUTES:
++            # File doesn't exist yet - that's fine, we'll create it
++            err = ctypes.get_last_error()
++            if err == 2:  # noqa: PLR2004  # ERROR_FILE_NOT_FOUND
++                return False
++            if err == 3:  # noqa: PLR2004 # ERROR_PATH_NOT_FOUND
++                return False
++            # Some other error - let caller handle it
++            return False
++        return bool(attrs & FILE_ATTRIBUTE_REPARSE_POINT)
+ 
+     class WindowsFileLock(BaseFileLock):
+         """Uses the :func:`msvcrt.locking` function to hard lock the lock file on Windows systems."""
+@@ -19,6 +50,13 @@
+         def _acquire(self) -> None:
+             raise_on_not_writable_file(self.lock_file)
+             ensure_directory_exists(self.lock_file)
++
++            # Security check: Refuse to open reparse points (symlinks, junctions)
++            # This prevents TOCTOU symlink attacks (CVE-TBD)
++            if _is_reparse_point(self.lock_file):
++                msg = f"Lock file is a reparse point (symlink/junction): {self.lock_file}"
++                raise OSError(msg)
++
+             flags = (
+                 os.O_RDWR  # open for read and write
+                 | os.O_CREAT  # create file if not exists
diff -Nru python-filelock-3.18.0/debian/patches/series python-filelock-3.18.0/debian/patches/series
--- python-filelock-3.18.0/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ python-filelock-3.18.0/debian/patches/series	2026-01-07 14:16:15.000000000 +0100
@@ -0,0 +1 @@
+cve-2025-68146.patch

--- End Message ---

--- Begin Message ---

• To: 1125105-done@bugs.debian.org
• Subject: Re: Bug#1125105: trixie-pu: package python-filelock/3.18.0-1+deb13u1
• From: Jonathan Wiltshire <jmw@debian.org>
• Date: Sun, 11 Jan 2026 22:08:40 +0000
• Message-id: <aWQfaERUhTaQl2FC@powdarrmonkey.net>
• In-reply-to: <[🔎] 176795887139.1223402.17859939445297626081.reportbug@BLN04NB0421>
• References: <[🔎] 176795887139.1223402.17859939445297626081.reportbug@BLN04NB0421>

Package: release.debian.org
Version: 13.3

This update was released with Debian 13.3.

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

--- End Message ---