mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-05 16:28:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,607 Commits 38 Branches 617 Tags
4faff2acb8ae732aaa80c2165d4e91cd33a3a066
Commit Graph

2 Commits

Author SHA1 Message Date
Praveen Kumar
792947d444 python3: fix CVE-2025-6075 
If the value passed to os.path.expandvars() is user-controlled a
performance degradation is possible when expanding environment variables.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-6075

Upstream-patch:
9ab89c026a

(From OE-Core rev: 5313fa5236cd3943f90804de2af81358971894bc)

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-12-05 07:13:42 -08:00
Peter Marko
2e5bb26c2c python3: upgrade 3.12.11 -> 3.12.12 
Drop upstreamed patch and refresh remaining patches.

Release information:
* https://www.python.org/downloads/release/python-31212/
* The release you're looking at is Python 3.12.12, a security bugfix
  release for the legacy 3.12 series.

Handles CVE-2025-59375.

(From OE-Core rev: f1234b8451ba843b5f9ec1d2066c21f54d6bc3b8)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-10-24 06:23:40 -07:00