The Python Package Index is introducing new restrictions to protect Python package installers and inspectors from ZIP confusion attacks. There is no evidence that this vulnerability has been exploited.
This may impact a small number of projects on PyPI, requiring them to change their build processes so that they upload only wheels that avoid the ZIP features that enable ZIP confusion attacks. Archives that will be rejected include:
- ZIP archives with invalid record and framing information.
- ZIP archives with duplicate filenames in Local File and Central Directory headers.
- ZIP archives where files included in Local File and Central Directory headers don’t match.
- ZIP archives with trailing data or multiple End of Central Directory headers.
- ZIP archives with incorrect End of Central Directory Locator values.
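To make the listed properties concrete from the inspecting side, here is an added Python example (written for this page, not PyPI's or pip's own code) that parses a ZIP's End of Central Directory record, central directory and local file headers independently and reports inconsistencies between them: trailing bytes after the EOCD, more than one EOCD signature, EOCD size/offset fields that do not frame the central directory, duplicate names in the central directory, and local-header names that disagree with the central directory. The archive it inspects is constructed in memory with the standard library; the byte-patched variants are likewise constructed here to trip the checks. It assumes entries without data descriptors (the sequential local-header walk stops if it meets one), and the finding tags are this example's own naming.

```python
"""Constructed consistency checker for the ZIP properties listed above (not PyPI code).
Builds a small stored wheel-like archive, patches copies of it to reproduce several
of the inconsistencies, and reports which checks each variant trips."""
import io
import struct
import zipfile

LOCAL_SIG, CD_SIG, EOCD_SIG = b"PK\x03\x04", b"PK\x01\x02", b"PK\x05\x06"
LOCAL_FMT = "<4sHHHHHIIIHH"      # 30-byte local file header
CD_FMT = "<4sHHHHHHIIIHHHHHII"   # 46-byte central directory file header
EOCD_FMT = "<4sHHHHIIH"          # 22-byte end of central directory record


def check_zip_consistency(data: bytes) -> list[str]:
    """Return finding tags; an empty list means the archive passed every check."""
    findings, eocd_positions = [], []
    pos = data.find(EOCD_SIG)
    while pos != -1:
        eocd_positions.append(pos)
        pos = data.find(EOCD_SIG, pos + 1)
    if not eocd_positions:
        return ["no-eocd"]
    if len(eocd_positions) > 1:
        findings.append("multiple-eocd")
    eocd_pos = eocd_positions[-1]          # most parsers honour the last record
    if eocd_pos + 22 > len(data):
        return findings + ["truncated-eocd"]
    (_, _, _, _, total_entries, cd_size, cd_offset,
     comment_len) = struct.unpack_from(EOCD_FMT, data, eocd_pos)
    if eocd_pos + 22 + comment_len != len(data):
        findings.append("trailing-data")          # bytes beyond EOCD + comment
    if cd_offset + cd_size != eocd_pos:
        findings.append("cd-bounds-mismatch")     # EOCD fields do not frame the CD

    # Walk the central directory and resolve each entry's local file header.
    cd_names, pos = [], cd_offset
    for _ in range(total_entries):
        if pos + 46 > len(data) or data[pos:pos + 4] != CD_SIG:
            findings.append("cd-framing-error")
            break
        f = struct.unpack_from(CD_FMT, data, pos)
        name_len, extra_len, cmt_len, local_off = f[10], f[11], f[12], f[16]
        name = data[pos + 46:pos + 46 + name_len]
        cd_names.append(name)
        if local_off + 30 > len(data) or data[local_off:local_off + 4] != LOCAL_SIG:
            findings.append(f"bad-local-offset:{name.decode(errors='replace')}")
        else:
            lf = struct.unpack_from(LOCAL_FMT, data, local_off)
            local_name = data[local_off + 30:local_off + 30 + lf[9]]
            if local_name != name:
                findings.append("name-mismatch:%s!=%s" % (
                    name.decode(errors="replace"), local_name.decode(errors="replace")))
        pos += 46 + name_len + extra_len + cmt_len
    seen = set()
    for name in cd_names:
        if name in seen:
            findings.append(f"duplicate-cd-name:{name.decode(errors='replace')}")
        seen.add(name)

    # Walk local headers from offset 0 (what a streaming extractor sees) and
    # compare the names with the central directory's.
    local_names, pos, walked = [], 0, True
    while pos < cd_offset and pos + 30 <= len(data) and data[pos:pos + 4] == LOCAL_SIG:
        lf = struct.unpack_from(LOCAL_FMT, data, pos)
        flags, comp_size, name_len, extra_len = lf[2], lf[7], lf[9], lf[10]
        local_names.append(data[pos + 30:pos + 30 + name_len])
        if flags & 0x08:   # data descriptor: sizes follow the data, so stop the walk
            walked = False
            break
        pos += 30 + name_len + extra_len + comp_size
    if walked and pos != cd_offset:
        findings.append("local-framing-error")
    if walked and sorted(local_names) != sorted(cd_names):
        findings.append("local-cd-set-mismatch")
    return findings


def build_clean_archive() -> bytes:
    """Constructed stored (uncompressed) wheel-like archive used as the baseline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("pkg/__init__.py", "VERSION = '1.0'\n")
        zf.writestr("pkg-1.0.dist-info/METADATA", "Name: pkg\nVersion: 1.0\n")
    return buf.getvalue()


def with_trailing_data(data: bytes) -> bytes:
    return data + b"bytes appended after the EOCD record"


def with_duplicate_eocd(data: bytes) -> bytes:
    return data + data[data.rfind(EOCD_SIG):]   # second copy of the EOCD record


def with_renamed_local_header(data: bytes) -> bytes:
    """Rename pkg/__init__.py in its local header only (same length), so the central
    directory and the local header describe different files."""
    start = 30   # first local header is at offset 0; its name follows 30 fixed bytes
    assert data[start:start + 15] == b"pkg/__init__.py"
    return data[:start] + b"pkg/__main__.py" + data[start + 15:]


if __name__ == "__main__":
    clean = build_clean_archive()
    for label, blob in [("clean", clean), ("trailing", with_trailing_data(clean)),
                        ("dup-eocd", with_duplicate_eocd(clean)),
                        ("renamed", with_renamed_local_header(clean))]:
        print(f"{label:9} {check_zip_consistency(blob)}")
```

The two independent walks are the point: an installer that trusts the central directory and an inspector that streams local headers must agree on what the archive contains, and any finding from this checker is a reason to reject the wheel rather than guess which view is right.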
Read the full blog post: Preventing ZIP parser confusion attacks on Python package installers - The Python Package Index Blog