mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-27 11:13:38 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
703b6800895522a4bccc624c7f34ac08292ffd9a
poky/meta/recipes-devtools/python
History
Sudhir Dumbhare 703b680089 python3: Fix CVE-2026-3644 and CVE-2026-0672 
Apply the upstream v3.13 fix [1], as referenced in [2], to address
CVE-2026-3644 by rejecting control characters in http.cookies.Morsel.update(),
the |= operator, and unpickling paths.

CVE-2026-3644 [2] revealed the CVE-2026-0672 fix was incomplete, as
Morsel.update(), |=, and unpickling could bypass input validation. The fix
also adds output validation to BaseCookie.js_output(), matching the
control-character safeguards already present in BaseCookie.output().

[1] d16ecc6c36
[2] https://security-tracker.debian.org/tracker/CVE-2026-3644

References:
https://security-tracker.debian.org/tracker/CVE-2026-3644
https://security-tracker.debian.org/tracker/CVE-2026-0672
https://nvd.nist.gov/vuln/detail/CVE-2026-3644
https://nvd.nist.gov/vuln/detail/CVE-2026-0672

(From OE-Core rev: ac763f139ba7f836d0fa9377295ef7d3b10f2238)

Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-26 16:55:53 +01:00
..
python3
python3: Fix CVE-2026-3644 and CVE-2026-0672
2026-06-26 16:55:53 +01:00
python3-atomicwrites
python3-atomicwrites: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-attrs
python3-attrs: disable Hypothesis deadline
2024-03-01 09:32:13 +00:00
python3-bcrypt
python3-bcrypt: Fix build break on arches without 64 bit atomics
2024-02-29 10:26:13 +00:00
python3-calver
python3-calver: Add recipe
2023-05-11 17:08:29 +01:00
python3-certifi
python3-certifi: Fix CVE-2024-39689
2024-08-19 06:09:14 -07:00
python3-click
python3-click: Copy recipe from meta-python
2023-09-27 11:47:42 +01:00
python3-cryptography
python3-cryptography: Fix CVE-2026-26007
2026-04-02 13:41:54 +01:00
python3-dtc
python3-dtc: add from meta-virtualization
2023-07-25 15:27:33 +01:00
python3-hypothesis
python3-hypothesis: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-installer
python3-installer: update 0.5.1 -> 0.6.0
2022-12-28 23:59:55 +00:00
python3-jinja2
python3-jinja2: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-jsonpointer
python3-jsonpointer: upgrade to 2.4
2023-07-10 11:36:34 +01:00
python3-license-expression
python3-license-expression: Fix the ptest failure
2023-12-21 10:38:30 +00:00
python3-markupsafe
python3-markupsafe: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-maturin
python3-maturin: Fix cross compilation issue for armv7l, mips64, ppc
2024-09-19 05:11:35 -07:00
python3-more-itertools
python3-more-itertools: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-numpy
python3-numpy: upgrade 1.26.3 -> 1.26.4
2024-02-09 13:55:06 +00:00
python3-pbr
python3-pip
python3-pip: Fix CVE-2026-1703
2026-03-25 17:34:13 +00:00
python3-pluggy
python3-pluggy: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-pyasn1
python3-pyasn1: fix CVE-2026-23490
2026-05-04 13:57:31 +01:00
python3-pyopenssl
python3-pyopenssl: Fix CVE-2026-27459
2026-04-02 13:41:55 +01:00
python3-pytz
python3-pytz: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-pyyaml
python3-pyyaml: enable ptest
2024-02-10 14:13:24 +00:00
python3-requests
python3-requests: backport fix for CVE-2026-25645
2026-06-10 14:35:20 +01:00
python3-scons
python3-setuptools
python3-setuptools: Fix CVE-2025-47273
2025-06-11 08:17:34 -07:00
python3-setuptools-scm
python3-setuptools-scm: respect GIT_CEILING_DIRECTORIES
2025-02-28 06:45:14 -08:00
python3-smartypants
python3-trove-classifiers
python3-trove-classifiers: Add recipe
2023-05-11 17:08:29 +01:00
python3-urllib3
python-urllib3: Backport fix for CVE-2026-21441
2026-02-16 09:52:35 +00:00
python3-wcwidth
python3-wcwidth: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-webcolors
python3-webcolors: use python3-unittest-automake-output
2023-03-21 22:42:05 +00:00
python3-wheel
python3-wheel: fix CVE-2026-24049
2026-05-04 13:57:31 +01:00
python3-xmltodict
python3-xmltodict: fix CVE-2025-9375
2025-10-24 06:23:39 -07:00
python3-zipp
python3-zipp: fix CVE-2024-5569
2024-12-06 05:50:24 -08:00
python-rfc3986-validator
python3_3.12.13.bb
python3: Fix CVE-2026-3644 and CVE-2026-0672
2026-06-26 16:55:53 +01:00
python3-alabaster_0.7.16.bb
python3-alabaster: upgrade 0.7.13 -> 0.7.16
2024-01-19 12:21:22 +00:00
python3-asn1crypto_1.5.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-atomicwrites_1.4.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-attrs_23.2.0.bb
python3-attrs: drop python3-ctypes from RDEPENDS
2024-08-01 06:08:09 -07:00
python3-babel_2.14.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-bcrypt_4.1.2.bb
python3-bcrypt: drop python3-six from RDEPENDS
2024-07-09 06:02:56 -07:00
python3-bcrypt-crates.inc
python3-bcrypt: Fix build break on arches without 64 bit atomics
2024-02-29 10:26:13 +00:00
python3-beartype_0.17.2.bb
python3-beartype: upgrade 0.17.0 -> 0.17.2
2024-03-01 09:28:51 +00:00
python3-booleanpy_4.0.bb
python3-booleanpy: Copy recipe from meta-python
2023-09-27 11:47:42 +01:00
python3-build_1.1.1.bb
python3-build: upgrade 1.0.3 -> 1.1.1
2024-03-07 17:25:02 +00:00
python3-calver_2022.6.26.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-certifi_2024.2.2.bb
python3-certifi: Fix CVE-2024-39689
2024-08-19 06:09:14 -07:00
python3-cffi_1.16.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-chardet_5.2.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-click_8.1.7.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-cryptography_42.0.5.bb
python3-cryptography: Fix CVE-2026-26007
2026-04-02 13:41:54 +01:00
python3-cryptography-crates.inc
python3-cryptography{-vectors}: upgrade to 42.0.5
2024-02-29 10:26:13 +00:00
python3-cryptography-vectors_42.0.5.bb
python3-cryptography{-vectors}: upgrade to 42.0.5
2024-02-29 10:26:13 +00:00
python3-cython_3.0.8.bb
python3-cython: upgrade 3.0.7 -> 3.0.8
2024-01-19 12:21:23 +00:00
python3-dbus_1.3.2.bb
python3-dbusmock_0.31.1.bb
python3-dbusmock: upgrade 0.30.2 -> 0.31.1
2024-03-01 09:28:51 +00:00
python3-docutils_0.20.1.bb
python3-docutils: Rename utilities to their canonical names
2023-10-04 23:55:12 +01:00
python3-dtc_1.7.0.bb
python3-dtc: upgrade 1.6.1 -> 1.7.0
2023-08-24 16:50:24 +01:00
python3-dtschema_2024.2.bb
python3-dtschema: upgrade 2023.7 -> 2024.2
2024-03-07 17:25:02 +00:00
python3-editables_0.5.bb
python3-editables: upgrade 0.4 -> 0.5
2023-08-14 12:51:21 +01:00
python3-extras_1.0.0.bb
python3-flit-core_3.9.0.bb
python3-flit-core: upgrade 3.8.0 -> 3.9.0
2023-06-16 15:40:11 +01:00
python3-git_3.1.42.bb
python3-git: upgrade 3.1.41 -> 3.1.42
2024-02-29 10:26:13 +00:00
python3-gitdb_4.0.11.bb
python3-gitdb: upgrade 4.0.10 -> 4.0.11
2023-11-05 11:28:42 +00:00
python3-hatch-fancy-pypi-readme_24.1.0.bb
python3-hatch-fancy-pypi-readme: upgrade 23.1.0 -> 24.1.0
2024-01-07 12:24:57 +00:00
python3-hatch-vcs_0.4.0.bb
python3-hatch-vcs: upgrade 0.3.0 -> 0.4.0
2023-11-20 15:30:52 +00:00
python3-hatchling_1.21.1.bb
python3-hatchling: upgrade 1.21.0 -> 1.21.1
2024-02-14 13:53:35 +00:00
python3-hypothesis_6.98.15.bb
python3-hypothesis: upgrade 6.98.12 -> 6.98.15
2024-03-05 12:24:49 +00:00
python3-idna_3.7.bb
python3-idna: upgrade 3.6 -> 3.7
2024-08-01 06:08:09 -07:00
python3-imagesize_1.4.1.bb
meta/recipes: ensure all recipes have a SUMMARY
2023-04-13 13:53:44 +01:00
python3-importlib-metadata_7.0.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-iniconfig_2.0.0.bb
python3-iniconfig: add BBCLASSEXTEND
2023-02-24 13:31:45 +00:00
python3-iniparse_0.5.bb
python3-installer_0.7.0.bb
python3-installer: add missing run-time dependencies
2023-05-22 10:53:49 +01:00
python3-iso8601_2.1.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-isodate_0.6.1.bb
python3-isodate: add homepage
2023-09-27 11:47:42 +01:00
python3-jinja2_3.1.6.bb
python3-jinja2: upgrade 3.1.4 -> 3.1.6
2025-04-28 08:18:53 -07:00
python3-jsonpointer_2.4.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-jsonschema_4.21.1.bb
python3-jsonschema: upgrade 4.17.3 -> 4.21.1 and add new dependencies
2024-03-07 17:25:02 +00:00
python3-jsonschema-specifications_2023.12.1.bb
python3-jsonschema-specifications: drop ${PYTHON_PN}
2024-04-13 14:39:07 +01:00
python3-libarchive-c_5.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-license-expression_30.2.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-lxml_5.0.2.bb
python3-lxml=v5.0.2
2024-11-09 05:53:57 -08:00
python3-magic_0.4.27.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-mako_1.3.2.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-markdown_3.5.2.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-markupsafe_2.1.5.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-maturin_1.4.0.bb
python3-maturin: Fix cross compilation issue for armv7l, mips64, ppc
2024-09-19 05:11:35 -07:00
python3-maturin-crates.inc
python3-maturin: add v1.4.0
2023-12-17 19:07:21 +00:00
python3-meson-python_0.15.0.bb
python3-meson-python: move from meta-python
2024-02-20 11:39:45 +00:00
python3-more-itertools_10.2.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-ndg-httpsclient_0.5.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-numpy_1.26.4.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-packaging_23.2.bb
python3-packaging: upgrade 23.1 -> 23.2
2023-10-19 13:38:57 +01:00
python3-pathlib2_2.3.7.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pathspec_0.12.1.bb
python3-pathspec: upgrade 0.11.2 -> 0.12.1
2023-12-23 08:46:00 +00:00
python3-pbr_6.0.0.bb
python3-pbr: upgrade 5.11.1 -> 6.0.0
2023-11-20 15:30:52 +00:00
python3-pip_24.0.bb
python3-pip: drop unused Windows distlib launcher templates
2026-03-25 17:34:13 +00:00
python3-pluggy_1.4.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-ply_3.11.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-poetry-core_1.9.0.bb
python3-poetry-core: drop python3-six from RDEPENDS
2024-12-13 05:21:54 -08:00
python3-pretend_1.0.9.bb
python3-psutil_5.9.8.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-py_1.11.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pyasn1_0.5.1.bb
python3-pyasn1: upgrade 0.5.0 -> 0.5.1
2023-11-30 08:43:03 +00:00
python3-pycairo_1.26.0.bb
python3-pycairo: upgrade 1.25.1 -> 1.26.0
2024-03-01 09:28:52 +00:00
python3-pycparser_2.21.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pycryptodome_3.20.0.bb
python3-pycryptodome(x): use python_setuptools_build_meta build class
2024-08-19 06:09:14 -07:00
python3-pycryptodomex_3.20.0.bb
python3-pycryptodome(x): use python_setuptools_build_meta build class
2024-08-19 06:09:14 -07:00
python3-pyelftools_0.30.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pygments_2.17.2.bb
python3-pygments: upgrade 2.16.1 -> 2.17.2
2023-12-06 22:55:49 +00:00
python3-pygobject_3.46.0.bb
gnomebase.bbclass: Use meson as default buildsystem
2023-11-13 11:38:03 +00:00
python3-pyopenssl_24.0.0.bb
python3-pyopenssl: Fix CVE-2026-27459
2026-04-02 13:41:55 +01:00
python3-pyparsing_3.1.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pyproject-hooks_1.0.0.bb
python3-pyproject-hooks: fix upstream version check
2023-11-30 08:43:04 +00:00
python3-pyproject-metadata_0.7.1.bb
python3-pyproject-metadata: HOMEPAGE; DESCRIPTION
2024-02-20 11:39:45 +00:00
python3-pyrsistent_0.20.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pysocks_1.7.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pytest_8.0.2.bb
python3-pytest: upgrade 8.0.0 -> 8.0.2
2024-03-01 09:28:52 +00:00
python3-pytest-runner_6.0.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pytest-subtests_0.11.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-pytz_2024.1.bb
python3-pytz: upgrade 2023.4 -> 2024.1
2024-03-01 09:28:52 +00:00
python3-pyyaml_6.0.1.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-rdflib_7.0.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-referencing_0.33.0.bb
python3-referencing: drop ${PYTHON_PN}
2024-04-13 14:39:07 +01:00
python3-requests_2.32.4.bb
python3-requests: backport fix for CVE-2026-25645
2026-06-10 14:35:20 +01:00
python3-rfc3339-validator_0.1.4.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-rfc3986-validator_0.1.1.bb
python3-rfc3987_1.3.8.bb
python3-rpds-py_0.18.0.bb
python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficient
2024-03-22 16:27:48 +00:00
python3-rpds-py-crates.inc
python3-jsonschema: upgrade 4.17.3 -> 4.21.1 and add new dependencies
2024-03-07 17:25:02 +00:00
python3-ruamel-yaml_0.18.6.bb
python3-ruamel-yaml: upgrade 0.17.35 -> 0.18.6
2024-03-07 17:25:02 +00:00
python3-scons_4.6.0.bb
python3-scons: upgrade 4.5.2 -> 4.6.0
2023-11-30 08:43:03 +00:00
python3-semantic-version_2.10.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-setuptools_69.1.1.bb
python3-setuptools: drop Windows launcher executables on non-mingw builds
2026-03-25 17:34:13 +00:00
python3-setuptools-rust_1.9.0.bb
python3-setuptools-rust: upgrade 1.8.1 -> 1.9.0
2024-03-01 09:28:52 +00:00
python3-setuptools-scm_8.0.4.bb
python3-setuptools-scm: respect GIT_CEILING_DIRECTORIES
2025-02-28 06:45:14 -08:00
python3-six_1.16.0.bb
python3-smartypants_2.0.0.bb
recipes: Enable nativesdk for gperf, unifdef, gi-docgen and its dependencies
2022-12-21 10:16:31 +00:00
python3-smmap_6.0.0.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-snowballstemmer_2.2.0.bb
python3-sortedcontainers_2.4.0.bb
python3-spdx-tools_0.8.2.bb
python3-spdx-tools: upgrade 0.8.1 -> 0.8.2
2023-11-05 11:28:32 +00:00
python3-sphinx_7.2.6.bb
python3-sphinx: upgrade 7.2.5 -> 7.2.6
2023-09-26 10:35:27 +01:00
python3-sphinx-rtd-theme_2.0.0.bb
python3-sphinxcontrib-jquery: add a recipe and make python3-sphinx-rtd-theme depend on it
2024-03-07 17:25:02 +00:00
python3-sphinxcontrib-applehelp_1.0.8.bb
python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficient
2024-03-22 16:27:48 +00:00
python3-sphinxcontrib-devhelp_1.0.6.bb
python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficient
2024-03-22 16:27:48 +00:00
python3-sphinxcontrib-htmlhelp_2.0.5.bb
python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficient
2024-03-22 16:27:48 +00:00
python3-sphinxcontrib-jquery_4.1.bb
python3-sphinxcontrib-jquery: add a recipe and make python3-sphinx-rtd-theme depend on it
2024-03-07 17:25:02 +00:00
python3-sphinxcontrib-jsmath_1.0.1.bb
meta/recipes: ensure all recipes have a SUMMARY
2023-04-13 13:53:44 +01:00
python3-sphinxcontrib-qthelp_1.0.7.bb
python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficient
2024-03-22 16:27:48 +00:00
python3-sphinxcontrib-serializinghtml_1.1.10.bb
python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficient
2024-03-22 16:27:48 +00:00
python3-subunit_1.4.4.bb
python3-subunit: Add missing module dependency
2024-01-24 15:46:19 +00:00
python3-testtools_2.7.1.bb
python3-testtools: Fix build problems from incorrect build backend
2024-04-14 06:28:02 +01:00
python3-toml_0.10.2.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-tomli_2.0.1.bb
python3-tomli: add missing run-time dependencies
2023-05-22 10:53:49 +01:00
python3-trove-classifiers_2024.2.23.bb
python3-trove-classifiers: upgrade 2024.1.8 -> 2024.2.23
2024-03-01 09:28:52 +00:00
python3-typing-extensions_4.10.0.bb
python3-typing-extensions: upgrade 4.9.0 -> 4.10.0
2024-03-01 09:28:52 +00:00
python3-typogrify_2.0.7.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-unittest-automake-output_0.2.bb
python3-unittest-automake-output: upgrade to 0.2
2024-02-15 09:18:09 +00:00
python3-uritools_4.0.2.bb
python3-uritools: add recipe
2023-09-27 11:47:42 +01:00
python3-urllib3_2.2.2.bb
python-urllib3: Backport fix for CVE-2026-21441
2026-02-16 09:52:35 +00:00
python3-vcversioner_2.16.0.0.bb
python3-wcwidth_0.2.13.bb
python3-wcwidth: upgrade 0.2.12 -> 0.2.13
2024-03-07 17:25:03 +00:00
python3-webcolors_1.13.bb
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python3-websockets_12.0.bb
python3-websockets: Import from meta-python
2024-04-14 06:28:02 +01:00
python3-wheel_0.42.0.bb
python3-wheel: fix CVE-2026-24049
2026-05-04 13:57:31 +01:00
python3-xmltodict_0.13.0.bb
python3-xmltodict: fix CVE-2025-9375
2025-10-24 06:23:39 -07:00
python3-yamllint_1.35.1.bb
python3-yamllint: upgrade 1.33.0 -> 1.35.1
2024-03-01 09:28:52 +00:00
python3-zipp_3.17.0.bb
python3-zipp: fix CVE-2024-5569
2024-12-06 05:50:24 -08:00
python-cython.inc
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python-extras.inc
python-pbr.inc
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00
python-pyasn1.inc
python3-pyasn1: fix CVE-2026-23490
2026-05-04 13:57:31 +01:00
python-pycryptodome.inc
python3-pycryptodome: add missing run-time dependencies
2023-05-22 10:53:49 +01:00
python-six.inc
python: Drop ${PYTHON_PN}
2024-02-20 11:39:45 +00:00