From c4f82e3fd561ac83c8c836e43d701cff36ca2f42 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Sun, 8 Jun 2025 23:43:27 +0200 Subject: python3: upgrade 3.12.9 -> 3.12.11 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Drop upstreamed patch and refresh remaining patches. * https://www.python.org/downloads/release/python-31210/ Python 3.12.10 is the latest maintenance release of Python 3.12, and the last full maintenance release. Subsequent releases of 3.12 will be security-fixes only. * https://www.python.org/downloads/release/python-31211/ Security content in this release * gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links. * gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler. * gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service. gh-133767 got meawhile CVE-2025-4516 assigned. (From OE-Core rev: 6cca08b2857efd5481e837ecd6bb295cb8a99ee1) Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3/makerace.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'meta/recipes-devtools/python/python3/makerace.patch') diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch index 862b648685..fbe12a5fca 100644 --- a/meta/recipes-devtools/python/python3/makerace.patch +++ b/meta/recipes-devtools/python/python3/makerace.patch @@ -20,7 +20,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in index dce36a5..2d235d2 100644 --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -2266,7 +2266,7 @@ COMPILEALL_OPTS=-j0 +@@ -2267,7 +2267,7 @@ COMPILEALL_OPTS=-j0 TEST_MODULES=@TEST_MODULES@ .PHONY: libinstall -- cgit v1.2.3-54-g00ecf