From adf4e0facbd47ff29bd9da80097412012c0032e9 Mon Sep 17 00:00:00 2001
From: Yogita Urade <yogita.urade@windriver.com>
Date: Thu, 26 Jun 2025 15:57:18 +0530
Subject: python3-urllib3: upgrade 2.4.0 -> 2.5.0

Includes fix for CVE-2025-50181 and CVE-2025-50182

Changelog:
https://urllib3.readthedocs.io/en/stable/changelog.html#id1
https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#250-2025-06-18

(From OE-Core rev: 4bd2fbd3f0e44f42b0abc6e32348aa915d98b87b)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../python/python3-urllib3_2.5.0.bb                | 28 ++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 meta/recipes-devtools/python/python3-urllib3_2.5.0.bb

(limited to 'meta/recipes-devtools/python/python3-urllib3_2.5.0.bb')

diff --git a/meta/recipes-devtools/python/python3-urllib3_2.5.0.bb b/meta/recipes-devtools/python/python3-urllib3_2.5.0.bb
new file mode 100644
index 0000000000..a4f3995730
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-urllib3_2.5.0.bb
@@ -0,0 +1,28 @@
+SUMMARY = "Python HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more"
+HOMEPAGE = "https://github.com/urllib3/urllib3"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=52d273a3054ced561275d4d15260ecda"
+
+SRC_URI[sha256sum] = "3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760"
+
+inherit pypi python_hatchling
+
+DEPENDS += " \
+    python3-hatch-vcs-native \
+"
+
+RDEPENDS:${PN} += "\
+    python3-certifi \
+    python3-cryptography \
+    python3-email \
+    python3-idna \
+    python3-json \
+    python3-netclient \
+    python3-pyopenssl \
+    python3-threading \
+    python3-logging \
+"
+
+CVE_PRODUCT = "urllib3"
+
+BBCLASSEXTEND = "native nativesdk"
-- 
cgit v1.2.3-54-g00ecf