summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python/python3-git_3.1.27.bb
Commit message (Collapse)AuthorAgeFilesLines
* python3-git: fix for CVE-2022-24439Narpat Mali2023-01-261-0/+4
| | | | | | | | | | | | | | | | | | | | | | All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. CVE: CVE-2022-24439 Upstream-Status: Backport Reference: https://github.com/gitpython-developers/GitPython/discussions/1529 https://github.com/gitpython-developers/GitPython/pull/1518 https://github.com/gitpython-developers/GitPython/pull/1521 (From OE-Core rev: 55f93e3786290dfa5ac72b5969bb2793f6a98bde) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/setuptools_build_meta: rename to python_setuptools_build_metaRoss Burton2022-03-201-1/+1
| | | | | | | | | | Rename this class to be python-prefixed to match the other new Python build system classes. (From OE-Core rev: 25d6bf8079797906bde7c0cf63a0466c981ba5bb) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-git: upgrade 3.1.26 -> 3.1.27wangmy2022-02-271-0/+32
Changelog: ========= -Reduced startup time due to optimized imports. -Fix a vulenerability that could cause great slowdowns when encountering long remote path names when pulling/fetching. (From OE-Core rev: 3cb7f09392f1e43fec1c490cdee8bcdf581b1489) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>