mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-10 02:33:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

python3: patch CVE-2025-8194

Browse Source 
Pick commit from 3.12 branch mentioned in NVD report.
https://nvd.nist.gov/vuln/detail/CVE-2025-8194

(From OE-Core rev: 4ae9daf3d05530952a8b002257dd9afda2e077e4)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko
2025-08-09 22:37:35 +02:00
committed by Steve Sakoman
parent dc468377e8
commit e371e6b3a7
2 changed files with 223 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
meta/recipes-devtools/python/python3_3.10.18.bb
View File

@@ -37,6 +37,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0001-Avoid-shebang-overflow-on-python-config.py.patch \
file://0001-test_storlines-skip-due-to-load-variability.patch \
file://0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch \
file://CVE-2025-8194.patch \
"
SRC_URI:append:class-native = " \
@@ -170,7 +171,7 @@ do_install:append:class-native() {
# when they're only used for python called with -O or -OO.
#find ${D} -name *opt-*.pyc -delete
# Remove all pyc files. There are a ton of them and it is probably faster to let
# python create the ones it wants at runtime rather than manage in the sstate
# python create the ones it wants at runtime rather than manage in the sstate
# tarballs and sysroot creation.
find ${D} -name *.pyc -delete
@@ -206,7 +207,7 @@ do_install:append() {
rm -f ${D}${libdir}/python${PYTHON_MAJMIN}/test/__pycache__/test_range.cpython*
rm -f ${D}${libdir}/python${PYTHON_MAJMIN}/test/__pycache__/test_xml_etree.cpython*
# Similar to the above, we're getting reproducibility issues with
# Similar to the above, we're getting reproducibility issues with
# /usr/lib/python3.10/__pycache__/traceback.cpython-310.pyc
# so remove it too
rm -f ${D}${libdir}/python${PYTHON_MAJMIN}/__pycache__/traceback.cpython*
@@ -266,7 +267,7 @@ py_package_preprocess () {
cd -
mv ${PKGD}/${bindir}/python${PYTHON_MAJMIN}-config ${PKGD}/${bindir}/python${PYTHON_MAJMIN}-config-${MULTILIB_SUFFIX}
#Remove the unneeded copy of target sysconfig data
rm -rf ${PKGD}/${libdir}/python-sysconfigdata
}