python3: upgrade 3.13.3 -> 3.13.4

Security content in this release: - gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links. Addresses CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, and CVE-2025-4517. - gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non- “strict” error handler. - gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service. Includes additional standard library improvements and bug fixes. References: https://docs.python.org/3/whatsnew/changelog.html#python-3-13-4-final https://www.python.org/downloads/release/python-3134/ (From OE-Core rev: d2bcfa826aa3a7bd5d6ab250fb8ba083e2688c8b) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Praveen Kumar <praveen.kumar@windriver.com> 2025-06-05 20:08:25 +0530
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-06-09 17:43:41 +0100
commit: f64ec011d9d0f523a1971763d78624016c6a4adf (patch)
tree: 1d9a8ccbefc041ef67fba668641fb9c37be6d474
parent: a375cb15b9dac5db64667168f0724e79d2792a09 (diff)
download: poky-f64ec011d9d0f523a1971763d78624016c6a4adf.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-devtools/python/python3_3.13.3.bb b/meta/recipes-devtools/python/python3_3.13.4.bb
index 11dd6f4b8f..5b49fee3bf 100644
--- a/meta/recipes-devtools/python/python3_3.13.3.bb
+++ b/meta/recipes-devtools/python/python3_3.13.4.bb
@@ -36,7 +36,7 @@ SRC_URI:append:class-native = " \
           file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
           "
-SRC_URI[sha256sum] = "40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041"
+SRC_URI[sha256sum] = "27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc757365"
 # exclude pre-releases for both python 2.x and 3.x
 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
author	Praveen Kumar <praveen.kumar@windriver.com>	2025-06-05 20:08:25 +0530
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-06-09 17:43:41 +0100
commit	f64ec011d9d0f523a1971763d78624016c6a4adf (patch)
tree	1d9a8ccbefc041ef67fba668641fb9c37be6d474
parent	a375cb15b9dac5db64667168f0724e79d2792a09 (diff)
download	poky-f64ec011d9d0f523a1971763d78624016c6a4adf.tar.gz

diff --git a/meta/recipes-devtools/python/python3_3.13.3.bb b/meta/recipes-devtools/python/python3_3.13.4.bb index 11dd6f4b8f..5b49fee3bf 100644 --- a/meta/recipes-devtools/python/python3_3.13.3.bb +++ b/meta/recipes-devtools/python/python3_3.13.4.bb
@@ -36,7 +36,7 @@ SRC_URI:append:class-native = " \
36	file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \	36	file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
37	"	37	"
38		38
39	SRC_URI[sha256sum] = "40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041"	39	SRC_URI[sha256sum] = "27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc757365"
40		40
41	# exclude pre-releases for both python 2.x and 3.x	41	# exclude pre-releases for both python 2.x and 3.x
42	UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"	42	UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"