Refresh patches.
* https://www.python.org/downloads/release/python-3134/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meawhile CVE-2025-4516 assigned.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
index 9ec3a71..f7d5382 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2578,6 +2578,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
+@@ -2585,6 +2585,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
@ # Substitution happens here, as the completely-expanded BINDIR
@ # is not available in configure
sed -e "s,@EXENAME@,$(EXENAME)," < $(srcdir)/Misc/python-config.in >python-config.py
index f8e1c7d..0882526 100644
--- a/Lib/sysconfig/__init__.py
+++ b/Lib/sysconfig/__init__.py
-@@ -494,6 +494,11 @@ def _init_config_vars():
+@@ -501,6 +501,11 @@ def _init_config_vars():
_CONFIG_VARS['VPATH'] = sys._vpath
if os.name == 'posix':
_init_posix(_CONFIG_VARS)
index 5dae370..23eb971 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -688,6 +688,7 @@ class _TestProcess(BaseTestCase):
+@@ -701,6 +701,7 @@ class _TestProcess(BaseTestCase):
close_queue(q)
@support.requires_resource('walltime')
def test_many_processes(self):
if self.TYPE == 'threads':
self.skipTest('test not appropriate for {}'.format(self.TYPE))
-@@ -2211,6 +2212,7 @@ class _TestBarrier(BaseTestCase):
+@@ -2232,6 +2233,7 @@ class _TestBarrier(BaseTestCase):
except threading.BrokenBarrierError:
results.append(True)
def test_timeout(self):
"""
Test wait(timeout)
-@@ -5299,6 +5301,7 @@ class TestWait(unittest.TestCase):
+@@ -5320,6 +5322,7 @@ class TestWait(unittest.TestCase):
time.sleep(period)
@support.requires_resource('walltime')
index c5394de..ed17fb6 100644
--- a/Lib/test/test_builtin.py
+++ b/Lib/test/test_builtin.py
-@@ -2435,6 +2435,7 @@ class PtyTests(unittest.TestCase):
+@@ -2474,6 +2474,7 @@ class PtyTests(unittest.TestCase):
"byte 0xe9 in position 4: ordinal not in "
"range(128)")
index 23eb971..b1295b2 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -585,6 +585,7 @@ class _TestProcess(BaseTestCase):
+@@ -594,6 +594,7 @@ class _TestProcess(BaseTestCase):
self.assertTrue(type(cpus) is int)
self.assertTrue(cpus >= 1)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
---
- Lib/test/test_readline.py | 2 ++
- 1 file changed, 2 insertions(+)
+ Lib/test/test_readline.py | 3 +++
+ 1 file changed, 3 insertions(+)
--- a/Lib/test/test_readline.py
+++ b/Lib/test/test_readline.py
-@@ -70,6 +70,7 @@ class TestHistoryManipulation (unittest.
+@@ -71,6 +71,7 @@ class TestHistoryManipulation (unittest.TestCase):
@unittest.skipUnless(hasattr(readline, "append_history_file"),
"append_history not available")
def test_write_read_append(self):
hfile = tempfile.NamedTemporaryFile(delete=False)
hfile.close()
-@@ -141,6 +142,7 @@ class TestHistoryManipulation (unittest.
+@@ -142,6 +143,7 @@ class TestHistoryManipulation (unittest.TestCase):
self.assertEqual(readline.get_history_item(1), "entrée 1")
self.assertEqual(readline.get_history_item(2), "entrée 22")
def test_write_read_limited_history(self):
previous_length = readline.get_history_length()
self.addCleanup(readline.set_history_length, previous_length)
-@@ -382,6 +384,7 @@ readline.write_history_file(history_file
+@@ -390,6 +392,7 @@ readline.write_history_file(history_file)
self.assertIn(b"done", output)
index bed0e6d..36602be 100644
--- a/Lib/test/test_ftplib.py
+++ b/Lib/test/test_ftplib.py
-@@ -627,6 +627,7 @@ class TestFTPClass(TestCase):
+@@ -630,6 +630,7 @@ class TestFTPClass(TestCase):
self.client.storbinary('stor', f, rest=r)
self.assertEqual(self.server.handler_instance.rest, str(r))
index be1b9ea..9ec3a71 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2485,7 +2485,7 @@ COMPILEALL_OPTS=-j0
+@@ -2492,7 +2492,7 @@ COMPILEALL_OPTS=-j0
TEST_MODULES=@TEST_MODULES@
.PHONY: libinstall
file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
"
-SRC_URI[sha256sum] = "40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041"
+SRC_URI[sha256sum] = "27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc757365"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
