mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-06 00:38:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
67,611 Commits 38 Branches 617 Tags
ffce38bad0a4f053c33280280cb15c3ca2b930c3
Commit Graph

3 Commits

Author SHA1 Message Date
Peter Marko
ffce38bad0 python3: ignore CVE-2023-36632 
This CVE shouldn't have been filed as the "exploit" is described in the
documentation as how the library behaves.

(From OE-Core rev: 9665121fd9daf1174ec4045071b900de9195b11e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c652f094d86c4efb7ff99accba63b8169493ab18)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2023-08-02 04:47:12 -10:00
Joe Slater
6af5a447a1 python3: fix CVE-2023-24329 
Backport fix from cpython 3.11 branch.

(From OE-Core rev: 37defd828cc6a8267139928730d766167905d21a)

Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2023-03-23 22:45:33 +00:00
Florin Diaconescu
c4bbc6d9c5 python3: upgrade 3.10.8 -> 3.10.9 
Security and bug fixes.

Drop patch for CVE-2022-42919 and CVE-2022-37454 which were merged in 3.10.9

Fixes:
* CVE-2022-45061 (gh-98433)
  https://nvd.nist.gov/vuln/detail/CVE-2022-45061

List of changes:
https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-9-final

(From OE-Core rev: f98b9c71686eb5ce5115ee73155a7d0389831ef0)

Signed-off-by: Florin Diaconescu <florin.diaconescu009@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2022-12-23 23:05:50 +00:00