mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-27 20:13:41 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
f3fbf45c1d495e8b40720fa16b5bc102e5173c79
poky/meta/recipes-devtools/python/python3
History
Sudhir Dumbhare e61bf028a6 python3: Fix CVE-2025-13462 
Apply the upstream v3.12 fix [1], aligned with the original v3.13 fix [2],
to address incorrect tarfile handling where GNU long name follow-up headers
could be normalized as directories, as referenced in [3].

[1] d10950739a
[2] ae99fe3a33
[3] https://security-tracker.debian.org/tracker/CVE-2025-13462

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-13462

(From OE-Core rev: 0b990a354ef858d903d4bed937b1233537c2c478)

Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-26 16:55:53 +01:00
..
0001-Avoid-shebang-overflow-on-python-config.py.patch
python3: upgrade 3.12.9 -> 3.12.11
2025-06-13 08:58:01 -07:00
0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
python3: upgrade 3.12.11 -> 3.12.12
2025-10-24 06:23:40 -07:00
0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch
python3: upgrade 3.12.9 -> 3.12.11
2025-06-13 08:58:01 -07:00
0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
python3: upgrade 3.12.8 -> 3.12.9
2025-02-14 06:38:54 -08:00
0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
python3: upgrade 3.12.9 -> 3.12.11
2025-06-13 08:58:01 -07:00
0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
python3: upgrade 3.12.9 -> 3.12.11
2025-06-13 08:58:01 -07:00
0001-sysconfig.py-use-platlibdir-also-for-purelib.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-test_active_children-skip-problematic-test.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-test_ctypes.test_find-skip-without-tools-sdk.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-test_deadlock-skip-problematic-test.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-test_locale.py-correct-the-test-output-format.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-test_readline-skip-limited-history-test.patch
python3: upgrade 3.12.8 -> 3.12.9
2025-02-14 06:38:54 -08:00
0001-test_shutdown-skip-problematic-test.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0001-test_storlines-skip-due-to-load-variability.patch
python3: upgrade 3.12.9 -> 3.12.11
2025-06-13 08:58:01 -07:00
0001-Update-test_sysconfig-for-posix_user-purelib.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch
python3: upgrade 3.12.8 -> 3.12.9
2025-02-14 06:38:54 -08:00
cgi_py.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
check_build_completeness.py
python3: upgrade to 3.7.2
2019-02-08 10:57:19 +00:00
create_manifest3.py
python3: Improve logging, syntax and update deprecated modules to create_manifest
2021-04-18 11:37:26 +01:00
crosspythonpath.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
CVE-2025-13462.patch
python3: Fix CVE-2025-13462
2026-06-26 16:55:53 +01:00
CVE-2026-1502.patch
python3: fix for CVE-2026-1502
2026-06-19 12:49:08 +01:00
CVE-2026-3644_CVE-2026-0672.patch
python3: Fix CVE-2026-3644 and CVE-2026-0672
2026-06-26 16:55:53 +01:00
CVE-2026-4519_CVE-2026-4786.patch
python3: Fix CVE-2026-4519 and CVE-2026-4786
2026-06-26 16:55:53 +01:00
CVE-2026-4519_p1.patch
python3: Fix CVE-2026-4519 and CVE-2026-4786
2026-06-26 16:55:53 +01:00
CVE-2026-4519_p2.patch
python3: Fix CVE-2026-4519 and CVE-2026-4786
2026-06-26 16:55:53 +01:00
CVE-2026-6019_p1.patch
python3: Fix CVE-2026-6019
2026-06-26 16:55:53 +01:00
CVE-2026-6019_p2.patch
python3: Fix CVE-2026-6019
2026-06-26 16:55:53 +01:00
CVE-2026-6100.patch
python3: fix CVE-2026-6100
2026-06-19 12:49:08 +01:00
deterministic_imports.patch
python3: upgrade 3.12.7 -> 3.12.8
2025-01-09 06:25:36 -08:00
get_module_deps3.py
python3: fix missing comma in get_module_deps3.py
2023-07-10 11:36:34 +01:00
makerace.patch
python3: upgrade 3.12.9 -> 3.12.11
2025-06-13 08:58:01 -07:00
python3-manifest.json
python3: add dependency on -compression to -core
2024-12-23 05:46:32 -08:00
reformat_sysconfig.py
python3: Fix sysroot reproducibility
2021-10-01 14:51:45 +01:00
run-ptest
python3: Fix ptests on musl
2023-09-04 20:14:14 +01:00