diff options
| author | Saravanan <saravanan.kadambathursubramaniyam@windriver.com> | 2025-10-13 17:22:44 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-10-24 06:23:39 -0700 |
| commit | 2ab1bedda9e081dbf01d4c3069d247efc6c3c55e (patch) | |
| tree | cfa19813920bfa49eb1059e23cbef19710625777 /meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb | |
| parent | a04f9ab3a5f5d813b581a4dfa19ac21dd6c5ac67 (diff) | |
| download | poky-2ab1bedda9e081dbf01d4c3069d247efc6c3c55e.tar.gz | |
python3-xmltodict: fix CVE-2025-9375
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-9375
https://security-tracker.debian.org/tracker/CVE-2025-9375
https://git.launchpad.net/ubuntu/+source/python-xmltodict/commit/?id=e8110a20e00d80db31d5fc9f8f4577328385d6b6
Upstream-patch:
https://github.com/martinblech/xmltodict/commit/ecd456ab88d379514b116ef9293318b74e5ed3ee
https://github.com/martinblech/xmltodict/commit/f98c90f071228ed73df997807298e1df4f790c33
(From OE-Core rev: 30624cce634cade0b030aa71a03be754abbf3da9)
Signed-off-by: Saravanan <saravanan.kadambathursubramaniyam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb')
| -rw-r--r-- | meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb b/meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb index e8e275647c..9a308a29d2 100644 --- a/meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb +++ b/meta/recipes-devtools/python/python3-xmltodict_0.13.0.bb | |||
| @@ -13,6 +13,8 @@ inherit pypi setuptools3 ptest | |||
| 13 | 13 | ||
| 14 | SRC_URI += " \ | 14 | SRC_URI += " \ |
| 15 | file://run-ptest \ | 15 | file://run-ptest \ |
| 16 | file://CVE-2025-9375-1.patch \ | ||
| 17 | file://CVE-2025-9375-2.patch \ | ||
| 16 | " | 18 | " |
| 17 | 19 | ||
| 18 | RDEPENDS:${PN} += " \ | 20 | RDEPENDS:${PN} += " \ |