mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-06 00:38:45 +01:00

Commit Graph

Author	SHA1	Message	Date
Trevor Gamblin	d95d26073d	python3-ptest: skip test_storlines [YOCTO #14933] test_storlines is yet another Python ptest that fails intermittently on the Yocto AB, so disable it during ptests for now. (From OE-Core rev: b71d5ec10f8e64fc6102c66dfc36151f2b0b3c86) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit d7b9f8157e6214a83b5495e8a32e11540ae65ff8) Signed-off-by: Steve Sakoman <steve@sakoman.com>	2023-12-22 16:36:55 -10:00
Chee Yang Lee	0fb3fd0a0d	python3: upgrade to 3.10.13 Release date: 2023-08-24 Security gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith. Library gh-107845: tarfile.data_filter() now takes the location of symlinks into account when determining their target, so it will no longer reject some valid tarballs with LinkOutsideDestinationError. Tools/Demos gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, 3.0.10, and 3.1.2. C API gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data: *consumed was not set. (From OE-Core rev: a30e51b8d13912f0d68bfffcd2d8ae6431d2b863) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2023-09-08 16:09:41 -10:00

Author

SHA1

Message

Date

Trevor Gamblin

d95d26073d

python3-ptest: skip test_storlines

[YOCTO #14933]

test_storlines is yet another Python ptest that fails intermittently on
the Yocto AB, so disable it during ptests for now.

(From OE-Core rev: b71d5ec10f8e64fc6102c66dfc36151f2b0b3c86)

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d7b9f8157e6214a83b5495e8a32e11540ae65ff8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2023-12-22 16:36:55 -10:00

Chee Yang Lee

0fb3fd0a0d

python3: upgrade to 3.10.13

Release date: 2023-08-24

Security
gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included protections
(like certificate verification) and treating sent unencrypted data as if
it were post-handshake TLS encrypted data. Security issue reported as
CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith.

Library
gh-107845: tarfile.data_filter() now takes the location of symlinks into
account when determining their target, so it will no longer reject some
valid tarballs with LinkOutsideDestinationError.

Tools/Demos
gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL
1.1.1v, 3.0.10, and 3.1.2.

C API
gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data:
*consumed was not set.

(From OE-Core rev: a30e51b8d13912f0d68bfffcd2d8ae6431d2b863)

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2023-09-08 16:09:41 -10:00

2 Commits