From 87f8184671afda5fb33cca2533bf969aa8b95c9b Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Fri, 19 Oct 2018 10:43:14 +0800
Subject: python: backport patch to fix CVE-2018-1000802

Backport a patch to fix the following CVE.

CVE: CVE-2018-1000802

(From OE-Core rev: c0343f1035af98cb451eea0de94c16fe89ffdf48)

(From OE-Core rev: 64d0cfb0f2291434f3ceacff99015f6a35942868)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/python/python_2.7.15.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-devtools/python/python_2.7.15.bb')

diff --git a/meta/recipes-devtools/python/python_2.7.15.bb b/meta/recipes-devtools/python/python_2.7.15.bb
index 9e54f22e73..bdbc8d3364 100644
--- a/meta/recipes-devtools/python/python_2.7.15.bb
+++ b/meta/recipes-devtools/python/python_2.7.15.bb
@@ -30,6 +30,7 @@ SRC_URI += "\
   file://pass-missing-libraries-to-Extension-for-mul.patch \
   file://support_SOURCE_DATE_EPOCH_in_py_compile_2.7.patch \
   file://float-endian.patch \
+  file://0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch \
 "
 
 S = "${WORKDIR}/Python-${PV}"
-- 
cgit v1.2.3-54-g00ecf