mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-10 02:33:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,043 Commits 38 Branches 617 Tags
887faedb16db908c032f3abcfd8a16e9da2123cd
Commit Graph

2 Commits

Author SHA1 Message Date
Vivek Kumbhar
9510218414 python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method 
Upstream-Status: Backport from eae692eed1

(From OE-Core rev: 9ed7184930707c98afabca8c6b712df874ad659f)

Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-12-01 19:35:04 +00:00
Tim Orling
6a3c365332 python3: upgrade 3.10.4 -> 3.10.7 
Security and bug fixes.

Drop patch for gh-92036 which was merged in 3.10.5
Refresh 0017-setup.py-do-not-report-missing-dependencies-for-disa.pathc

Fixes:
* CVE-2020-10735
  https://nvd.nist.gov/vuln/detail/CVE-2020-10735
* CVE-2021-28861
  https://nvd.nist.gov/vuln/detail/CVE-2021-28861
* CVE-2018-25032
  https://nvd.nist.gov/vuln/detail/CVE-2018-25032

For a list of changes see:
https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-7-final
https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-6-final
https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-6-final

(From OE-Core rev: 3efae85283b19fa1b30af7fed7fa89d7a50337db)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-10-20 15:36:02 +01:00