[dunfell,08/13] python3: update to 3.8.18

Message ID	9205496344bede4a16372ca7a02c2819a976640b.1696102675.git.steve@sakoman.com
State	Accepted, archived
Commit	9205496344bede4a16372ca7a02c2819a976640b
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.160.43, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 08/13] python3: update to 3.8.18 Date: Sat, 30 Sep 2023 09:40:05 -1000 Message-Id: <9205496344bede4a16372ca7a02c2819a976640b.1696102675.git.steve@sakoman.com> In-Reply-To: <cover.1696102675.git.steve@sakoman.com> References: <cover.1696102675.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[dunfell,01/13] mdadm: Backport fix for CVE-2023-28736 \| expand [dunfell,01/13] mdadm: Backport fix for CVE-2023-28736 [dunfell,02/13] libwebp: Fix CVE-2023-5129 [dunfell,03/13] libxpm: fix CVE-2022-46285 [dunfell,04/13] nasm: fix CVE-2022-44370 [dunfell,05/13] ghostscript: fix CVE-2023-36664 [dunfell,06/13] qemu: fix CVE-2020-24165 [dunfell,07/13] go: Fix CVE-2023-39318 and CVE-2023-39319 [dunfell,08/13] python3: update to 3.8.18 [dunfell,09/13] nasm: update 2.15.03 -> 2.15.05 [dunfell,10/13] linux-yocto/5.4: update to v5.4.252 [dunfell,11/13] linux-yocto/5.4: update to v5.4.254 [dunfell,12/13] linux-yocto/5.4: update to v5.4.256 [dunfell,13/13] linux-yocto/5.4: update to v5.4.257

Message ID

9205496344bede4a16372ca7a02c2819a976640b.1696102675.git.steve@sakoman.com

State

Accepted, archived

Commit

9205496344bede4a16372ca7a02c2819a976640b

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 08/13] python3: update to 3.8.18
Date: Sat, 30 Sep 2023 09:40:05 -1000
Message-Id: 
 <9205496344bede4a16372ca7a02c2819a976640b.1696102675.git.steve@sakoman.com>
In-Reply-To: <cover.1696102675.git.steve@sakoman.com>
References: <cover.1696102675.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[dunfell,01/13] mdadm: Backport fix for CVE-2023-28736 | expand

Commit Message

Steve Sakoman Sept. 30, 2023, 7:40 p.m. UTC

From: Lee Chee Yang <chee.yang.lee@intel.com>

https://docs.python.org/release/3.8.18/whatsnew/changelog.html#changelog

Release date: 2023-08-24

Security
gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included protections
(like certificate verification) and treating sent unencrypted data as if
it were post-handshake TLS encrypted data. Security issue reported as
CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith.

Library
gh-107845: tarfile.data_filter() now takes the location of symlinks into
account when determining their target, so it will no longer reject some
valid tarballs with LinkOutsideDestinationError.

Tools/Demos
gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL
1.1.1v, 3.0.10, and 3.1.2.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../python/{python3_3.8.17.bb => python3_3.8.18.bb}           | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-devtools/python/{python3_3.8.17.bb => python3_3.8.18.bb} (99%)

diff --git a/meta/recipes-devtools/python/python3_3.8.17.bb b/meta/recipes-devtools/python/python3_3.8.18.bb
similarity index 99%
rename from meta/recipes-devtools/python/python3_3.8.17.bb
rename to meta/recipes-devtools/python/python3_3.8.18.bb
index 00c4ff497a..9d0f72ecf9 100644
--- a/meta/recipes-devtools/python/python3_3.8.17.bb
+++ b/meta/recipes-devtools/python/python3_3.8.18.bb
@@ -43,8 +43,8 @@  SRC_URI_append_class-native = " \
            file://0001-Don-t-search-system-for-headers-libraries.patch \
            "
 
-SRC_URI[md5sum] = "70223497e664524303ca2364208647e1"
-SRC_URI[sha256sum] = "2e54b0c68191f16552f6de2e97a2396540572a219f6bbb28591a137cecc490a9"
+SRC_URI[md5sum] = "5ea6267ea00513fc31d3746feb35842d"
+SRC_URI[sha256sum] = "3ffb71cd349a326ba7b2fadc7e7df86ba577dd9c4917e52a8401adbda7405e3f"
 
 # exclude pre-releases for both python 2.x and 3.x
 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"