mirror of
https://git.yoctoproject.org/poky
synced 2026-02-05 16:28:43 +01:00
2ae3d43628
Source: https://github.com/pypa/pip
MR: 113864
Type: Security Fix
Disposition: Backport from e46bdda971
ChangeID: 717948e217d6219d1f03afb4d984342d7dea4636
Description:
CVE-2021-3572 python-pip: Incorrect handling of unicode separators in git references.
(From OE-Core rev: 841a8fb5b6351f79a4d756232a544d1a6480c562)
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
33 lines
820 B
BlitzBasic
33 lines
820 B
BlitzBasic
SUMMARY = "The PyPA recommended tool for installing Python packages"
|
|
HOMEPAGE = "https://pypi.python.org/pypi/pip"
|
|
SECTION = "devel/python"
|
|
LICENSE = "MIT"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=8ba06d529c955048e5ddd7c45459eb2e"
|
|
|
|
DEPENDS += "python3 python3-setuptools-native"
|
|
|
|
SRC_URI = "file://CVE-2021-3572.patch "
|
|
SRC_URI[md5sum] = "7d42ba49b809604f0df3d55df1c3fd86"
|
|
SRC_URI[sha256sum] = "7db0c8ea4c7ea51c8049640e8e6e7fde949de672bfa4949920675563a5a6967f"
|
|
|
|
inherit pypi distutils3
|
|
|
|
do_install_append() {
|
|
# Install as pip3 and leave pip2 as default
|
|
rm ${D}/${bindir}/pip
|
|
}
|
|
|
|
RDEPENDS_${PN} = "\
|
|
python3-compile \
|
|
python3-io \
|
|
python3-html \
|
|
python3-json \
|
|
python3-netserver \
|
|
python3-setuptools \
|
|
python3-unixadmin \
|
|
python3-xmlrpc \
|
|
python3-pickle \
|
|
"
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|