[kirkstone,11/14] python3: upgrade to 3.10.13

Message ID	a30e51b8d13912f0d68bfffcd2d8ae6431d2b863.1694004064.git.steve@sakoman.com
State	Accepted, archived
Commit	a30e51b8d13912f0d68bfffcd2d8ae6431d2b863
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.169, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 11/14] python3: upgrade to 3.10.13 Date: Wed, 6 Sep 2023 02:48:18 -1000 Message-Id: <a30e51b8d13912f0d68bfffcd2d8ae6431d2b863.1694004064.git.steve@sakoman.com> In-Reply-To: <cover.1694004064.git.steve@sakoman.com> References: <cover.1694004064.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/14] tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618 \| expand [kirkstone,01/14] tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618 [kirkstone,02/14] inetutils: Backport fix for CVE-2023-40303 [kirkstone,03/14] libtiff: fix CVE-2023-26966 Buffer Overflow [kirkstone,04/14] json-c: fix CVE-2021-32292 [kirkstone,05/14] ncurses: fix CVE-2023-29491 [kirkstone,06/14] busybox: fix CVE-2022-48174 [kirkstone,07/14] webkitgtk: fix CVE-2023-23529 [kirkstone,08/14] libssh2: fix CVE-2020-22218 [kirkstone,09/14] file: fix CVE-2022-48554 [kirkstone,10/14] nasm: fix CVE-2020-21528 [kirkstone,11/14] python3: upgrade to 3.10.13 [kirkstone,12/14] efivar: backport 5 patches to fix build with gold [kirkstone,13/14] libdnf: resolve cstdint inclusion for newer gcc versions [kirkstone,14/14] sysklogd: fix integration with systemd-journald

Message ID

a30e51b8d13912f0d68bfffcd2d8ae6431d2b863.1694004064.git.steve@sakoman.com

State

Accepted, archived

Commit

a30e51b8d13912f0d68bfffcd2d8ae6431d2b863

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 11/14] python3: upgrade to 3.10.13
Date: Wed,  6 Sep 2023 02:48:18 -1000
Message-Id: 
 <a30e51b8d13912f0d68bfffcd2d8ae6431d2b863.1694004064.git.steve@sakoman.com>
In-Reply-To: <cover.1694004064.git.steve@sakoman.com>
References: <cover.1694004064.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/14] tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618 | expand

Commit Message

Steve Sakoman Sept. 6, 2023, 12:48 p.m. UTC

From: Chee Yang Lee <chee.yang.lee@intel.com>

Release date: 2023-08-24

Security
gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included protections
(like certificate verification) and treating sent unencrypted data as if
it were post-handshake TLS encrypted data. Security issue reported as
CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith.

Library
gh-107845: tarfile.data_filter() now takes the location of symlinks into
account when determining their target, so it will no longer reject some
valid tarballs with LinkOutsideDestinationError.

Tools/Demos
gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL
1.1.1v, 3.0.10, and 3.1.2.

C API
gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data:
*consumed was not set.

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../python/{python3_3.10.12.bb => python3_3.10.13.bb}           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/python/{python3_3.10.12.bb => python3_3.10.13.bb} (99%)

diff --git a/meta/recipes-devtools/python/python3_3.10.12.bb b/meta/recipes-devtools/python/python3_3.10.13.bb
similarity index 99%
rename from meta/recipes-devtools/python/python3_3.10.12.bb
rename to meta/recipes-devtools/python/python3_3.10.13.bb
index 74f1defc95..ba53a09ef5 100644
--- a/meta/recipes-devtools/python/python3_3.10.12.bb
+++ b/meta/recipes-devtools/python/python3_3.10.13.bb
@@ -43,7 +43,7 @@  SRC_URI:append:class-native = " \
            file://12-distutils-prefix-is-inside-staging-area.patch \
            file://0001-Don-t-search-system-for-headers-libraries.patch \
            "
-SRC_URI[sha256sum] = "afb74bf19130e7a47d10312c8f5e784f24e0527981eab68e20546cfb865830b8"
+SRC_URI[sha256sum] = "5c88848668640d3e152b35b4536ef1c23b2ca4bd2c957ef1ecbb053f571dd3f6"
 
 # exclude pre-releases for both python 2.x and 3.x
 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"