mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-06 00:38:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
170d5d05230f992a6b003bd15eb02cec4aef2cd9
poky/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
Peter Marko 5e9c6deafb python3: upgrade 3.13.3 -> 3.13.4 
Refresh patches.

* https://www.python.org/downloads/release/python-3134/
  Security content in this release
  * gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
    [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
    tarfile extraction filters (filter="data" and filter="tar") to be
    bypassed using crafted symlinks and hard links.
  * gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
    non-“strict” error handler.
  * gh-128840: Short-circuit the processing of long IPv6 addresses early
    in ipaddress to prevent excessive memory consumption and a minor
    denial-of-service.

gh-133767 got meawhile CVE-2025-4516 assigned.

(From OE-Core rev: 55a9cd748531c75d46f5d6d53af692a38c6b6716)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-06-13 09:01:26 -07:00

31 lines
1.3 KiB
Diff
Raw Blame History

From 6b111a328c1c57b1580d63894b2b5d337316f6d4 Mon Sep 17 00:00:00 2001
From: Paulo Neves <ptsneves@gmail.com>
Date: Tue, 7 Jun 2022 16:16:41 +0200
Subject: [PATCH] Avoid shebang overflow on python-config.py
The whole native path may be too big, leading to shebang
overflow. Let's just use the env shebang.
Denial reason: [1]
Upstream-Status: Denied [distribution]
[1] https://github.com/python/cpython/pull/93760#pullrequestreview-1005365737
---
Makefile.pre.in | 2 ++
1 file changed, 2 insertions(+)
diff --git a/Makefile.pre.in b/Makefile.pre.in
index 9ec3a71..f7d5382 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -2585,6 +2585,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
@ # Substitution happens here, as the completely-expanded BINDIR
@ # is not available in configure
sed -e "s,@EXENAME@,$(EXENAME)," < $(srcdir)/Misc/python-config.in >python-config.py
+ @ # Otherwise we might get huge shebangs with native paths
+ sed -i -e '1s|^#!.*|#!/usr/bin/env python3|' python-config.py
@ # Replace makefile compat. variable references with shell script compat. ones; $(VAR) -> ${VAR}
LC_ALL=C sed -e 's,\$$(\([A-Za-z0-9_]*\)),\$$\{\1\},g' < Misc/python-config.sh >python-config
@ # On Darwin, always use the python version of the script, the shell
Reference in New Issue View Git Blame Copy Permalink