mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-06 16:56:37 +01:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Rohini Sangam	630e7d6000	python3: Security fix for CVE-2024-8088 CVE fixed: - CVE-2024-8088: python: cpython: denial of service in zipfile Upstream-Status: Backport from `e0264a6111` (From OE-Core rev: 295addec33c83443423a3ef87905c3a70f44a4e7) Signed-off-by: Rohini Sangam <rsangam@mvista.com> Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-09-07 05:38:17 -07:00
Leon Anavi	1c798dccd1	python3: add PACKAGECONFIG[editline] Backport PACKAGECONFIG[editline] from Scarthgap to Kirkstone because libedit has feature parity with readline but is more permissively licensed (BSD verses GPLv3). This patch provides means of enabling editline in a distribution without GPLv3 and in this case improves Python REPL keyboard support. (From OE-Core rev: 12dc7d2081a1aaec90ffb3ed6718d757ce14b5ab) Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-08-28 06:49:22 -07:00
Peter Marko	f1ad013a29	python3: Upgrade 3.10.13 -> 3.10.14 Addresses CVEs: * CVE-2023-52425 (bundled expat) * CVE-2023-6597 (https://github.com/python/cpython/pull/112840) News: https://github.com/python/cpython/blob/3.10/Misc/NEWS.d/3.10.14.rst (From OE-Core rev: e0b77aa347c03f520802c8235ae0389bb855c146) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-05-15 09:44:14 -07:00

Rohini Sangam

630e7d6000

python3: Security fix for CVE-2024-8088

CVE fixed:
- CVE-2024-8088: python: cpython: denial of service in zipfile
Upstream-Status: Backport from e0264a6111

(From OE-Core rev: 295addec33c83443423a3ef87905c3a70f44a4e7)

Signed-off-by: Rohini Sangam <rsangam@mvista.com>
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2024-09-07 05:38:17 -07:00

Leon Anavi

1c798dccd1

python3: add PACKAGECONFIG[editline]

Backport PACKAGECONFIG[editline] from Scarthgap to Kirkstone
because libedit has feature parity with readline but is more
permissively licensed (BSD verses GPLv3). This patch provides
means of enabling editline in a distribution without GPLv3 and
in this case improves Python REPL keyboard support.

(From OE-Core rev: 12dc7d2081a1aaec90ffb3ed6718d757ce14b5ab)

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2024-08-28 06:49:22 -07:00

Peter Marko

f1ad013a29

python3: Upgrade 3.10.13 -> 3.10.14

Addresses CVEs:
* CVE-2023-52425 (bundled expat)
* CVE-2023-6597 (https://github.com/python/cpython/pull/112840)

News: https://github.com/python/cpython/blob/3.10/Misc/NEWS.d/3.10.14.rst

(From OE-Core rev: e0b77aa347c03f520802c8235ae0389bb855c146)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2024-05-15 09:44:14 -07:00

3 Commits