PatchSiren cyber security CVE debrief

CVE-2026-47712 jelmer CVE debrief

CVE-2026-47712 is a security vulnerability in Dulwich, a pure-Python implementation of Git file formats and protocols. The vulnerability exists in the `dulwich.porcelain.format_patch` function, which derives patch filenames from commit subject lines. An attacker can exploit this vulnerability by crafting a malicious commit subject that directs the generated patch file outside the requested output directory. This vulnerability has a CVSS score of 3.3 and is considered low severity.

Vendor: jelmer
Product: dulwich
CVSS: LOW 3.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-10
Original CVE updated: 2026-06-11
Advisory published: 2026-06-10
Advisory updated: 2026-06-11

Who should care

Users of Dulwich, a pure-Python implementation of Git file formats and protocols, should be aware of this vulnerability. Specifically, those who use Dulwich to format patches from untrusted commits should take precautions.

Technical summary

The `dulwich.porcelain.format_patch` function is vulnerable to path traversal. An attacker can craft a malicious commit subject that directs the generated patch file outside the requested output directory. This is because the function derives the patch filename from the commit subject line without sanitizing it for use as a filename component.

Defensive priority

Medium

Recommended defensive actions

  • Upgrade to Dulwich 1.2.5 or later.
  • Use `stdout=True` and write the patch to a destination you control, rather than letting `format_patch` choose the filename.
  • Validate the chosen path before opening it, e.g. compare `os.path.realpath(returned_path)` against `os.path.realpath(outdir)` and reject any patch whose resolved path is not inside `outdir`.
  • Pre-screen commits and refuse to format any whose subject's first line contains `/`, `\`, `..`, or other characters that are not safe on the target filesystem.
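The pre-screen and the realpath containment check from the list above, as an added example that is not code from Dulwich or from the advisory. `naive_patch_path` is a hypothetical stand-in for a filename derived verbatim from the subject (not Dulwich's own logic), and the sample subjects and temporary output directory are constructed for the demonstration.

```python
import os
import re
import tempfile

# Path separators, parent-directory references and control bytes must not
# appear in a subject line that becomes a filename component.
_UNSAFE = re.compile(r"[/\\]|\.\.|[\x00-\x1f\x7f]")

def subject_is_safe(subject: str) -> bool:
    """Pre-screen: reject any subject whose first line could steer the path."""
    first_line = subject.splitlines()[0] if subject.strip() else ""
    return bool(first_line.strip()) and _UNSAFE.search(first_line) is None

def naive_patch_path(outdir: str, index: int, subject: str) -> str:
    """Hypothetical model of the unsafe pattern: subject line used verbatim."""
    first_line = subject.splitlines()[0] if subject.strip() else ""
    return os.path.join(outdir, f"{index:04d}-{first_line}.patch")

def is_inside(outdir: str, path: str) -> bool:
    """Post-check: True only if the resolved path lies under the resolved outdir."""
    root = os.path.realpath(outdir)
    target = os.path.realpath(path)
    return os.path.commonpath([root, target]) == root

def screen_patches(outdir: str, subjects: list) -> dict:
    """Apply both checks before any file is opened for writing."""
    result = {"accepted": [], "rejected": []}
    for i, subject in enumerate(subjects, start=1):
        path = naive_patch_path(outdir, i, subject)
        if subject_is_safe(subject) and is_inside(outdir, path):
            result["accepted"].append(path)
        else:
            result["rejected"].append(subject)
    return result

def demo() -> dict:
    """Run the screen over constructed subjects in a throwaway output directory."""
    outdir = tempfile.mkdtemp(prefix="patches-")
    subjects = [                      # constructed sample commit subjects
        "Fix off-by-one in pack index parser",
        "../../escape",               # parent-directory references
        "notes\\evil",                # backslash separator (Windows)
        "",                           # empty subject
    ]
    result = screen_patches(outdir, subjects)
    result["outdir"] = outdir
    return result
```

The pre-screen matters on its own: a subject whose `..` components only re-enter `outdir` passes the containment check but still lands under a filename the caller did not choose.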

Evidence notes

The vulnerability is fixed in Dulwich 1.2.5. The `dulwich.patch.get_summary` function now mirrors Git's `format_sanitized_subject`, which sanitizes the commit subject line to make it safe to use as a filename component.

Official resources

CVE-2026-47712 was published on 2026-06-10T23:16:48.650Z and modified on 2026-06-11T15:21:07.370Z.