| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | python3: fix CVE-2025-6075 | Praveen Kumar | 2025-12-01 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | | If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-6075 Upstream-patch: https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca (From OE-Core rev: 9a7f33d85355ffbe382aa175c04c64541e77b441) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> | ||||
| * | python3: upgrade 3.10.18 -> 3.10.19 | Peter Marko | 2025-10-24 | 1 | -0/+435 |
| Drop upstreamed patch and refresh remaining patches. Release information: * https://www.python.org/downloads/release/python-31019/ * The release you're looking at is Python 3.10.19, a security bugfix release for the legacy 3.10 series. Handles CVE-2025-59375, CVE-2025-47273 and CVE-2024-6345. (From OE-Core rev: 9b3dbd691f6ebdbdfe88cef3d3a676ddd1399c63) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> | |||||
