mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-07 09:16:36 +01:00

Commit Graph

Author	SHA1	Message	Date
Ross Burton	782cb75ae9	python3-urllib3: remove rust dependency python3-cryptography (and thus, rust-native) is only needed by the urllib3.contrib.pyopenssl module, which is not recommended for use up the urllib3 upstream maintainers: Module for using pyOpenSSL as a TLS backend. This module was relevant before the standard library ssl module supported SNI, but now that we've dropped support for Python 2.7 all relevant Python versions support SNI so this module is no longer recommended. Add a PACKAGECONFIG to control whether this module is shipped, and disable it by default. This removes rust-native from the default build of urllib3, which is in the dependencies of other common modules such as requests and sphinx. (From OE-Core rev: 055d0928ad9451d3a9c8c74c6215a59023b1116e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2025-10-30 11:06:28 +00:00
Yogita Urade	adf4e0facb	python3-urllib3: upgrade 2.4.0 -> 2.5.0 Includes fix for CVE-2025-50181 and CVE-2025-50182 Changelog: https://urllib3.readthedocs.io/en/stable/changelog.html#id1 https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#250-2025-06-18 (From OE-Core rev: 4bd2fbd3f0e44f42b0abc6e32348aa915d98b87b) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Antonin Godard <antonin.godard@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2025-07-01 08:49:37 +01:00

Author

SHA1

Message

Date

Ross Burton

782cb75ae9

python3-urllib3: remove rust dependency

python3-cryptography (and thus, rust-native) is only needed by the
urllib3.contrib.pyopenssl module, which is not recommended for use up
the urllib3 upstream maintainers:

  Module for using pyOpenSSL as a TLS backend. This module was relevant
  before the standard library ssl module supported SNI, but now that
  we've dropped support for Python 2.7 all relevant Python versions
  support SNI so **this module is no longer recommended**.

Add a PACKAGECONFIG to control whether this module is shipped, and
disable it by default.

This removes rust-native from the default build of urllib3, which is in
the dependencies of other common modules such as requests and sphinx.

(From OE-Core rev: 055d0928ad9451d3a9c8c74c6215a59023b1116e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2025-10-30 11:06:28 +00:00

Yogita Urade

adf4e0facb

python3-urllib3: upgrade 2.4.0 -> 2.5.0

Includes fix for CVE-2025-50181 and CVE-2025-50182

Changelog:
https://urllib3.readthedocs.io/en/stable/changelog.html#id1
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#250-2025-06-18

(From OE-Core rev: 4bd2fbd3f0e44f42b0abc6e32348aa915d98b87b)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2025-07-01 08:49:37 +01:00

2 Commits