linux/meta-openembedded.git/meta-python/recipes-devtools/python/python3-cbor2_5.7.1.bb, branch wrynose

python3-cbor2: upgrade 5.7.1 -> 5.8.0

2026-01-06T02:16:18+00:00

Contains fix for CVE-2025-68131 Changelog: - Added readahead buffering to C decoder for improved performance. The decoder now uses a 4 KB buffer by default to reduce the number of read calls. Benchmarks show 20-140% performance improvements for decoding operations. - Fixed Python decoder not preserving share index when decoding array items containing nested shareable tags, causing shared references to resolve to wrong objects - Reset shared reference state at the start of each top-level encode/decode operation Ptests passed: ... PASS: tests/test_tool.py:test_dtypes_from_file PASS: tests/test_tool.py:test_ignore_tag PASS: tests/test_types.py:test_frozendict ============================================================================ Testsuite summary DURATION: 4 Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj

python3-cbor2: set CVE_PRODUCT

2025-12-31T16:28:51+00:00

The default, "python:cbor2" CVE_PRODUCT is not appropriate for this recipe, because most associated CVEs use "agronholm:cbor2" CPE. Set the CVE_PRODUCT to cbor2, so it will match the currently used CPE, and in case there will be future python:cbor2 CPEs also, they will be matched too. Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj

python3-cbor2: upgrade 5.7.0 -> 5.7.1

2025-10-29T17:14:13+00:00

Changelog: =========== - Improved performance on decoding large definite bytestrings - Fixed a read(-1) vulnerability caused by boundary handling error Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj