linux/meta-openembedded.git/meta-python/recipes-devtools/python/python3-ecdsa_0.19.1.bb, branch wrynoseMirror of git.openembedded.org/meta-openembeddedhttps://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=wrynose2026-04-01T20:16:38+00:00python3-ecdsa: Upgrade 0.19.1 -> 0.19.22026-04-01T20:16:38+00:00Mingli Yumingli.yu@windriver.com2026-03-31T03:41:24+00:00urn:sha1:27d096d984b1a5b567ba1b217c3fee8581284575
Changlog:
https://github.com/tlsfuzzer/python-ecdsa/releases/tag/python-ecdsa-0.19.2
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
python3-ecdsa: set CVE_PRODUCT2025-12-31T16:34:04+00:00Gyorgy Sarvariskandigraun@gmail.com2025-12-31T07:54:32+00:00urn:sha1:7f962ef1557a291545646470c03fd9c4a23eb7d9
Set the correct CVE_PRODUCT value, the default python: ecdsa doesn't
match relevant entries.
The correct values were taken from the CVE db, by checking which CVEs
are relevant.
See CVE db query:
sqlite> select * from products where product like '%ecdsa%';
CVE-2019-14853|python-ecdsa_project|python-ecdsa|||0.13.3|<
CVE-2019-14859|python-ecdsa_project|python-ecdsa|||0.13.3|<
CVE-2020-12607|antonkueltz|fastecdsa|||2.1.2|<
CVE-2021-43568|starkbank|elixir_ecdsa|1.0.0|=||
CVE-2021-43569|starkbank|ecdsa-dotnet|1.3.2|=||
CVE-2021-43570|starkbank|ecdsa-java|1.0.0|=||
CVE-2021-43571|starkbank|ecdsa-node|1.1.2|=||
CVE-2021-43572|starkbank|ecdsa-python|||2.0.1|<
CVE-2022-24884|ecdsautils_project|ecdsautils|||0.4.1|<
CVE-2024-21502|antonkueltz|fastecdsa|||2.3.2|<
CVE-2024-23342|tlsfuzzer|ecdsa|||0.18.0|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
python3-ecdsa: upgrade 0.19.0 -> 0.19.12025-03-25T16:33:54+00:00Wang Mingyuwangmy@fujitsu.com2025-03-25T09:01:32+00:00urn:sha1:6f961ea6b4026099c78e8354a93dc8c3bea38669
Changelog:
============
New API:
-----------
- der.remove_implicit and der.encode_implicit for decoding and
encoding DER IMPLICIT values with custom tag values and arbitrary
classes
Bug fixes:
------------
- Minor fixes around arithmetic with curves that have non-prime order
(useful for experimentation, not practical deployments)
- Fix arithmetic to work with curves that have (0, 0) on the curve
- Fix canonicalization of signatures when s is just slightly
above half of curve order
Maintenance:
------------
- Dropped official support for Python 3.5 (again, issues with CI, support
for Python 2.6 and Python 2.7 is unchanged)
- Officially support Python 3.12 and 3.13 (add them to CI)
- Removal of few more unnecessary six.b literals (Alexandre Detiste)
- Fix typos in warning messages
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>