python3: fix CVE-2025-6075 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Praveen Kumar <praveen.kumar@windriver.com>	2025-11-21 16:57:23 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-12-05 07:13:42 -0800
commit	792947d444022e6bf175c4839af6ed2ad8399456 (patch)
tree	2d9fd4772ae8c3d24c9cb2d0b13677ceb6310ea2 /scripts/lib/build_perf/report.py
parent	adc9e377c8203935e52b10ab970902c7a175dff6 (diff)
download	poky-792947d444022e6bf175c4839af6ed2ad8399456.tar.gz

python3: fix CVE-2025-6075

If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-6075 Upstream-patch: https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742 (From OE-Core rev: 5313fa5236cd3943f90804de2af81358971894bc) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/build_perf/report.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: