mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Praveen Kumar	792947d444	python3: fix CVE-2025-6075 If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-6075 Upstream-patch: `9ab89c026a` (From OE-Core rev: 5313fa5236cd3943f90804de2af81358971894bc) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-12-05 07:13:42 -08:00

Praveen Kumar

792947d444

python3: fix CVE-2025-6075

If the value passed to os.path.expandvars() is user-controlled a
performance degradation is possible when expanding environment variables.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-6075

Upstream-patch:
9ab89c026a

(From OE-Core rev: 5313fa5236cd3943f90804de2af81358971894bc)

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-12-05 07:13:42 -08:00

1 Commits