]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bb3fc61) | patch
python3: ignore CVE-2015-20107
authorRoss Burton <ross.burton@arm.com>
Mon, 25 Apr 2022 11:24:44 +0000 (12:24 +0100)
committerSteve Sakoman <steve@sakoman.com>
Fri, 29 Apr 2022 17:24:59 +0000 (07:24 -1000)
commit1ed7bb74d35f08af3babf73c68ee01af5f28a50b
treef888dca09499eb024cf4a8b2d8024bf4fe290492tree
parentbb3fc61f0d7f7bcd77ef194b76f4fdd8a7ff6aa5commit | diff
python3: ignore CVE-2015-20107

CVE-2015-20107 describes an arbitrary command execution in the mailcap
module, but this is by design in mailcap and needs to be worked around
by the calling application.

Upstream Python will be documenting this flaw in the library reference,
and it is likely that the mailcap module will be deprecated and removed
in the future.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 85fac8408baf92d8b71946f5bfea92952b7eab01)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/python/python3_3.8.13.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core