python3-certifi: fix CVE-2023-37920 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Narpat Mali <narpat.mali@windriver.com>	2023-08-02 17:57:11 +0000
committer	Steve Sakoman <steve@sakoman.com>	2023-08-19 05:56:58 -1000
commit	fbe56e677b36625dd4354275d965044e5e2ffcd9 (patch)
tree	95a76fcf0f15670b3e579704b7c20b1a4b5551ce /scripts/lib/devtool/package.py
parent	d6b8790370500b99ca11f0d8a05c39b661ab2ba6 (diff)
download	poky-fbe56e677b36625dd4354275d965044e5e2ffcd9.tar.gz

python3-certifi: fix CVE-2023-37920

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. References: https://nvd.nist.gov/vuln/detail/CVE-2023-37920 https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7 (From OE-Core rev: 98abbe3394638c6ce795b34247a9e49120e4ffba) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/devtool/package.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: