linux/meta-openembedded.git/meta-python/recipes-devtools/python, branch whinlatter Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=whinlatter 2026-04-21T03:27:47+00:00 python3-apiflash: upgrade 3.0.0 -> 3.0.2 2026-04-21T03:27:47+00:00 Ankur Tyagi ankur.tyagi85@gmail.com 2026-03-30T10:38:39+00:00 urn:sha1:f6ba658a2716daaf3b91249e49063d07585b89c8 https://github.com/apiflask/apiflask/releases/tag/3.0.1 https://github.com/apiflask/apiflask/releases/tag/3.0.2 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-alembic: add HOMEPAGE 2026-04-21T03:27:47+00:00 Ankur Tyagi ankur.tyagi85@gmail.com 2026-03-30T10:38:38+00:00 urn:sha1:afaedb6761a46c3243034f8ac7b16d6702eceece Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-aiofiles: fix HOMEPAGE 2026-04-21T03:27:47+00:00 Ankur Tyagi ankur.tyagi85@gmail.com 2026-03-30T10:38:37+00:00 urn:sha1:9fedb9a3e71af4432a6e456266aaed28dd277c42 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-astroid: upgrade 4.0.2 -> 4.0.4 2026-04-21T03:27:47+00:00 Ankur Tyagi ankur.tyagi85@gmail.com 2026-03-30T10:38:36+00:00 urn:sha1:797f43716956ee62be7256e8fd8bcc6728853d0d https://github.com/pylint-dev/astroid/releases/tag/v4.0.3 https://github.com/pylint-dev/astroid/releases/tag/v4.0.4 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-gpiod: update to v2.4.1 2026-03-26T04:59:24+00:00 Bartosz Golaszewski bartosz.golaszewski@oss.qualcomm.com 2026-03-22T10:51:25+00:00 urn:sha1:40642ec81044538a107e59f3b69b745086171e89 Bug-fix release addressing a memory leak and a couple minor issues. We now ship the license file with the dist tarball so update the recipe to take this into account. While at it: trim the LICENSE value to only include LGPL-v2.1-or-later as the other two licenses cover tests and text files. Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@oss.qualcomm.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit f75f4164fd7184ed47e119c782cea583b96fbb45) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-marshmallow: mark CVE-2025-68480 patched 2026-03-26T04:59:24+00:00 Gyorgy Sarvari skandigraun@gmail.com 2026-03-18T19:35:57+00:00 urn:sha1:6e9eff155e92efdc7b809b7a1afb71f9b5dc4c8e Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68480 The vulnerability has been fixed in version 4.1.2[1], however NVD tracks this CVE without version info. Mark it as patched explicitly. [1]: https://github.com/marshmallow-code/marshmallow/commit/d24a0c9df061c4daa92f71cf85aca25b83eee508 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-tornado: upgrade 6.5.4 -> 6.5.5 2026-03-26T04:59:24+00:00 Ankur Tyagi ankur.tyagi85@gmail.com 2026-03-16T20:18:27+00:00 urn:sha1:eb76962875191b7cf8368e3394a3575951574dfd Security fixes including CVE-2026-31958 https://www.tornadoweb.org/en/stable/releases/v6.5.5.html Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-pyjwt: Fix CVE-2026-32597 2026-03-26T04:59:24+00:00 Ankur Tyagi ankur.tyagi85@gmail.com 2026-03-16T20:18:26+00:00 urn:sha1:dbde84f17b9e38d288d9918c0f41ab1e9df64e8b Details https://nvd.nist.gov/vuln/detail/CVE-2026-32597 Backport commit[1] which fixes this vulnerability as mentioned in changelog[2] Dropped changes to the changelog, version bump and tests during backport. [1] https://github.com/jpadilla/pyjwt/commit/051ea341b5573fe3edcd53042f347929b92c2b92 [2] https://github.com/jpadilla/pyjwt/blob/2.12.0/CHANGELOG.rst Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-django: upgrade 4.2.28 -> 4.2.29 2026-03-26T04:59:23+00:00 Gyorgy Sarvari skandigraun@gmail.com 2026-03-10T20:21:38+00:00 urn:sha1:d7546078a9e76c4ea21ef803e7b5fa31a69ca2ae Contains fixes for CVE-2026-25673 and CVE-2026-25674. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com> python3-django: upgrade 5.2.11 -> 5.2.12 2026-03-26T04:59:23+00:00 Gyorgy Sarvari skandigraun@gmail.com 2026-03-10T12:17:25+00:00 urn:sha1:c08b3e9d8fa315ea82a1b9f3198990b6192d2269 Ptests passed successfully. Changelog: https://docs.djangoproject.com/en/6.0/releases/5.2.12/ - Fixed CVE-2026-25673 and CVE-2026-25674 - Fixed NameError when inspecting functions making use of deferred annotations in Python 3.14. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>