From 6b86b7fd577fca9a7705d5a8dafaab6551225d5b Mon Sep 17 00:00:00 2001
From: Changqing Li <changqing.li@windriver.com>
Date: Thu, 10 Oct 2019 17:02:51 +0800
Subject: python: Fix CVE-2019-10160

(From OE-Core rev: 50ba17abdcc6579ce0629cf1755d45308facb768)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit b4240b585d7fcac2fdbf33a8e72d48cb732eb696)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-devtools/python/python_2.7.16.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta/recipes-devtools/python/python_2.7.16.bb')

diff --git a/meta/recipes-devtools/python/python_2.7.16.bb b/meta/recipes-devtools/python/python_2.7.16.bb
index aec877825e..ebb4824cc1 100644
--- a/meta/recipes-devtools/python/python_2.7.16.bb
+++ b/meta/recipes-devtools/python/python_2.7.16.bb
@@ -31,6 +31,7 @@ SRC_URI += " \
            file://float-endian.patch \
            file://0001-python2-use-cc_basename-to-replace-CC-for-checking-c.patch \
            file://0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch \
+           file://bpo-36742-cve-2019-10160.patch \
 "
 
 S = "${WORKDIR}/Python-${PV}"
-- 
cgit v1.2.3-54-g00ecf