python3: patch CVE-2025-13836

Pick commit from branch 3.12 mentioned in [1]. [1] https://nvd.nist.gov/vuln/detail/CVE-2025-13836 (From OE-Core rev: 05aa143fb5f63de0f53e916daa3392917da46131) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2026-01-19 17:33:11 +01:00
parent 5ae239f8ea
commit 2104407814
2 changed files with 163 additions and 0 deletions
--- a/meta/recipes-devtools/python/python3_3.12.12.bb
+++ b/meta/recipes-devtools/python/python3_3.12.12.bb
@@ -36,6 +36,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
           file://0001-test_readline-skip-limited-history-test.patch \
           file://CVE-2025-6075.patch \
           file://CVE-2025-12084.patch \
+           file://CVE-2025-13836.patch \
           "

 SRC_URI:append:class-native = " \