mirror of
https://git.yoctoproject.org/poky
synced 2026-02-06 16:56:37 +01:00
8809530bb0
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-23491 (From OE-Core rev: 8ee4adb8675c690962e5820669098a95f74c07c7) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
17 lines
673 B
BlitzBasic
17 lines
673 B
BlitzBasic
SUMMARY = "Python package for providing Mozilla's CA Bundle."
|
|
DESCRIPTION = "This installable Python package contains a CA Bundle that you can reference in your \
|
|
Python code. This is useful for verifying HTTP requests, for example. This is the same CA Bundle \
|
|
which ships with the Requests codebase, and is derived from Mozilla Firefox's canonical set."
|
|
HOMEPAGE = " http://certifi.io/"
|
|
|
|
LICENSE = "ISC"
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=67da0714c3f9471067b729eca6c9fbe8"
|
|
|
|
SRC_URI += "file://CVE-2022-23491.patch"
|
|
|
|
SRC_URI[sha256sum] = "78884e7c1d4b00ce3cea67b44566851c4343c120abd683433ce934a68ea58872"
|
|
|
|
inherit pypi setuptools3
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|