mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Praveen Kumar	c6234dce63	python3: fix CVE-2025-6075 If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-6075 Upstream-patch: `892747b4cf` (From OE-Core rev: 9a7f33d85355ffbe382aa175c04c64541e77b441) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2025-12-01 06:50:49 -08:00

Praveen Kumar

c6234dce63

python3: fix CVE-2025-6075

If the value passed to os.path.expandvars() is user-controlled a
performance degradation is possible when expanding environment variables.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-6075

Upstream-patch:
892747b4cf

(From OE-Core rev: 9a7f33d85355ffbe382aa175c04c64541e77b441)

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-12-01 06:50:49 -08:00

1 Commits