poky/python3-zipp at 5abd143cb526a99c8ea181c6f76d64ed9607dae9 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-02-05 16:28:43 +01:00

Files

Hongxu Jia af06cbf82b python3-zipp: fix CVE-2024-5569

According to [1] which provided the fix link [2], but upstream author
reworked it later [3][4][5]

Backport and rebase all the patches for tracing

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-5569
[2] fd604bd34f
[3] 3cb5609002
[4] f89b93f037
[5] cc61e6140f

(From OE-Core rev: 13bd99e17f0aca108839e81e9aa0b14351116fdf)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2024-12-09 07:54:03 -08:00

0001-Add-SanitizedNames-mixin.patch

python3-zipp: fix CVE-2024-5569

2024-12-09 07:54:03 -08:00

0002-Employ-SanitizedNames-in-CompleteDirs.-Fixes-broken-.patch

python3-zipp: fix CVE-2024-5569

2024-12-09 07:54:03 -08:00

0003-Removed-SanitizedNames.patch

python3-zipp: fix CVE-2024-5569

2024-12-09 07:54:03 -08:00

0004-Address-infinite-loop-when-zipfile-begins-with-more-.patch

python3-zipp: fix CVE-2024-5569

2024-12-09 07:54:03 -08:00

0005-Prefer-simpler-path.rstrip-to-consolidate-checks-for.patch

python3-zipp: fix CVE-2024-5569

2024-12-09 07:54:03 -08:00