]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8de380d) | patch
python3: update to 3.8.18
authorLee Chee Yang <chee.yang.lee@intel.com>
Wed, 6 Sep 2023 02:21:14 +0000 (10:21 +0800)
committerSteve Sakoman <steve@sakoman.com>
Fri, 29 Sep 2023 15:38:27 +0000 (05:38 -1000)
commit9205496344bede4a16372ca7a02c2819a976640b
treef6f52095f62a2c5ae7edeb482abca5bc8792f15dtree | snapshot
parent8de380d765d8f47a961c6e45eba1cfa4d2feb68fcommit | diff
python3: update to 3.8.18

https://docs.python.org/release/3.8.18/whatsnew/changelog.html#changelog

Release date: 2023-08-24

Security
gh-108310: Fixed an issue where instances of ssl.SSLSocket were
vulnerable to a bypass of the TLS handshake and included protections
(like certificate verification) and treating sent unencrypted data as if
it were post-handshake TLS encrypted data. Security issue reported as
CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith.

Library
gh-107845: tarfile.data_filter() now takes the location of symlinks into
account when determining their target, so it will no longer reject some
valid tarballs with LinkOutsideDestinationError.

Tools/Demos
gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL
1.1.1v, 3.0.10, and 3.1.2.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/python/python3_3.8.18.bb [moved from meta/recipes-devtools/python/python3_3.8.17.bb with 99% similarity] diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core