From 6303a9d5b575617a8c9137d1a26f94022fe8d1c1 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Fri, 19 Sep 2025 18:51:49 +0530 Subject: python3-jinja2: upgrade 3.1.4 -> 3.1.6 Includes fix for - CVE-2024-56326, CVE-2025-27516, CVE-2024-56201 Changelog: https://github.com/pallets/jinja/blob/3.1.6/CHANGES.rst https://github.com/pallets/jinja/blob/3.1.5/CHANGES.rst (From OE-Core rev: a935ef8f205c9510ebc5539c133960bc72504902) (From OE-Core rev: 7108dccff524888d77f0e5e02d9cc4523a700a91) Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- .../python/python3-jinja2_3.1.4.bb | 48 -------------------- .../python/python3-jinja2_3.1.6.bb | 51 ++++++++++++++++++++++ 2 files changed, 51 insertions(+), 48 deletions(-) delete mode 100644 meta/recipes-devtools/python/python3-jinja2_3.1.4.bb create mode 100644 meta/recipes-devtools/python/python3-jinja2_3.1.6.bb diff --git a/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb deleted file mode 100644 index 3fe82d5e4e..0000000000 --- a/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb +++ /dev/null @@ -1,48 +0,0 @@ -DESCRIPTION = "Python Jinja2: A small but fast and easy to use stand-alone template engine written in pure python." -HOMEPAGE = "https://pypi.org/project/Jinja2/" - -LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" - -SRC_URI[sha256sum] = "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369" - -PYPI_PACKAGE = "jinja2" - -CVE_PRODUCT = "jinja2 jinja" - -CLEANBROKEN = "1" - -inherit pypi python_flit_core -inherit ${@bb.utils.filter('DISTRO_FEATURES', 'ptest', d)} - -SRC_URI += " \ - file://run-ptest \ -" - -do_install_ptest() { - install -d ${D}${PTEST_PATH}/tests - cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/ -} - -RDEPENDS:${PN}-ptest += " \ - ${PYTHON_PN}-pytest \ - ${PYTHON_PN}-toml \ - ${PYTHON_PN}-unixadmin \ -" - -RDEPENDS:${PN} += " \ - ${PYTHON_PN}-asyncio \ - ${PYTHON_PN}-crypt \ - ${PYTHON_PN}-io \ - ${PYTHON_PN}-json \ - ${PYTHON_PN}-markupsafe \ - ${PYTHON_PN}-math \ - ${PYTHON_PN}-netclient \ - ${PYTHON_PN}-numbers\ - ${PYTHON_PN}-pickle \ - ${PYTHON_PN}-pprint \ - ${PYTHON_PN}-shell \ - ${PYTHON_PN}-threading \ -" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-devtools/python/python3-jinja2_3.1.6.bb b/meta/recipes-devtools/python/python3-jinja2_3.1.6.bb new file mode 100644 index 0000000000..d4f61cad26 --- /dev/null +++ b/meta/recipes-devtools/python/python3-jinja2_3.1.6.bb @@ -0,0 +1,51 @@ +DESCRIPTION = "Python Jinja2: A small but fast and easy to use stand-alone template engine written in pure python." +HOMEPAGE = "https://pypi.org/project/Jinja2/" + +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" + +SRC_URI[sha256sum] = "0137fb05990d35f1275a587e9aee6d56da821fc83491a0fb838183be43f66d6d" + +PYPI_PACKAGE = "jinja2" + +CVE_PRODUCT = "jinja2 jinja" + +CLEANBROKEN = "1" + +inherit pypi python_flit_core +inherit ${@bb.utils.filter('DISTRO_FEATURES', 'ptest', d)} + +SRC_URI += " \ + file://run-ptest \ +" + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/tests + cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/ + + # test_async items require trio module + rm -f ${D}${PTEST_PATH}/tests/test_async.py ${D}${PTEST_PATH}/tests/test_async_filters.py +} + +RDEPENDS:${PN}-ptest += " \ + ${PYTHON_PN}-pytest \ + ${PYTHON_PN}-toml \ + ${PYTHON_PN}-unixadmin \ +" + +RDEPENDS:${PN} += " \ + ${PYTHON_PN}-asyncio \ + ${PYTHON_PN}-crypt \ + ${PYTHON_PN}-io \ + ${PYTHON_PN}-json \ + ${PYTHON_PN}-markupsafe \ + ${PYTHON_PN}-math \ + ${PYTHON_PN}-netclient \ + ${PYTHON_PN}-numbers\ + ${PYTHON_PN}-pickle \ + ${PYTHON_PN}-pprint \ + ${PYTHON_PN}-shell \ + ${PYTHON_PN}-threading \ +" + +BBCLASSEXTEND = "native nativesdk" -- cgit v1.2.3-54-g00ecf