Handles CVE-2025-6075 (in 3.13.10) and CVE-2025-12084 (in 3.13.11).
Release information:
* https://www.python.org/downloads/release/python-31310/
* Python 3.13.10 is the tenth maintenance release of 3.13, containing
around 300 bugfixes, build improvements and documentation changes
since 3.13.9.
* https://www.python.org/downloads/release/python-31311/
* Python 3.13.11 is the eleventh maintenance release of 3.13. This is
an expedited release to fix the following regressions:
* gh-142206: Exceptions in multiprocessing in running programs while
upgrading Python.
* gh-142218: Segmentation faults and assertion failures in
insertdict.
* gh-140797: Crash when using multiple capturing groups in re.Scanner
* And these security fixes:
* gh-142145: Remove quadratic behavior in node ID cache clearing
(CVE-2025-12084)
* gh-119451: Fix a potential denial of service in http.client
* gh-119452: Fix a potential virtual memory allocation denial of
service in http.server
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
"
-SRC_URI[sha256sum] = "ed5ef34cda36cfa2f3a340f07cac7e7814f91c7f3c411f6d3562323a866c5c66"
+SRC_URI[sha256sum] = "16ede7bb7cdbfa895d11b0642fa0e523f291e6487194d53cf6d3b338c3a17ea2"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
projects / thirdparty / openembedded / openembedded-core.git / commitdiff
