<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-python/recipes-devtools/python/python3-m2crypto/CVE-2020-25657.patch, branch scarthgap-next</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=scarthgap-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=scarthgap-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2023-07-25T19:46:19+00:00</updated>
<entry>
<title>python3-m2crypto: upgrade 0.38.0 -&gt; 0.39.0</title>
<updated>2023-07-25T19:46:19+00:00</updated>
<author>
<name>Trevor Gamblin</name>
<email>tgamblin@baylibre.com</email>
</author>
<published>2023-07-25T19:09:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=fe48529f1c763ffaea6835837da41421c9a18ee1'/>
<id>urn:sha1:fe48529f1c763ffaea6835837da41421c9a18ee1</id>
<content type='text'>
Remove the CVE-2020-25657 patch, as it is fixed in 0.39.0:

[tgamblin@megalith m2crypto]$ git log --oneline --grep="CVE-2020-25657"
84c5395 Mitigate the Bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657)
[tgamblin@megalith m2crypto]$ git tag --contains 84c53958def0f510e92119fca14d74f94215827a
0.39.0

Changelog (https://gitlab.com/m2crypto/m2crypto/-/blob/master/CHANGES?ref_type=heads):

0.39.0 - 2023-01-31
-------------------

- SUPPORT FOR PYTHON 2 HAS BEEN DEPRECATED AND IT WILL BE
  COMPLETELY REMOVED IN THE NEXT RELEASE.
- Remove dependency on parameterized and use unittest.subTest
  instead.
- Upgrade embedded six.py module to 1.16.0 (really tiny
  inconsequential changes).
- Make tests working on MacOS again (test_bio_membuf: Use fork)
- Use OpenSSL_version_num() instead of unreliable parsing of .h
  file.
- Mitigate the Bleichenbacher timing attacks in the RSA
  decryption API (CVE-2020-25657)
- Add functionality to extract EC key from public key + Update
  tests
- Worked around compatibility issues with OpenSSL 3.*
- Support for Twisted has been deprecated (they have their own
  SSL support anyway).
- Generate TAP while testing.
- Stop using GitHub for testing.
- Accept a small deviation from time in the testsuite (for
  systems with non-standard HZ kernel parameter).
- Use the default BIO.__del__ rather than overriding in BIO.File
  (avoid a memleak).
- Resolve "X509_Name.as_der() method from X509.py -&gt; class
  X509_Name caused segmentation fault"

Signed-off-by: Trevor Gamblin &lt;tgamblin@baylibre.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>python3-m2crypto: fix CVE-2020-25657 and buildpaths qa issue</title>
<updated>2022-11-26T02:11:10+00:00</updated>
<author>
<name>Kai Kang</name>
<email>kai.kang@windriver.com</email>
</author>
<published>2022-11-25T02:38:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=71fc24398981e68d50c94cbaf294e38a81b8db36'/>
<id>urn:sha1:71fc24398981e68d50c94cbaf294e38a81b8db36</id>
<content type='text'>
Backport patch to fix CVE-2020-25657 for python3-m2crypto. Adjust indent
as well.

Remove duplicate 'Upstream-Status:' from avoid-host-contamination.patch.

Add swig option '-DOPENSSL_FILE' to fix buildpaths qa issues.

  WARNING: python3-m2crypto-0.38.0-r0 do_package_qa: QA Issue: File
  /usr/lib/python3.11/site-packages/M2Crypto/_m2crypto.cpython-311-x86_64-linux-gnu.so
  in package python3-m2crypto contains reference to TMPDIR [buildpaths]

Signed-off-by: Kai Kang &lt;kai.kang@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
</feed>
