From: Lee Chee Yang Date: Wed, 6 Sep 2023 02:21:14 +0000 (+0800) Subject: python3: update to 3.8.18 X-Git-Tag: 2020-04.29-dunfell~34 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9205496344bede4a16372ca7a02c2819a976640b;p=thirdparty%2Fopenembedded%2Fopenembedded-core.git python3: update to 3.8.18 https://docs.python.org/release/3.8.18/whatsnew/changelog.html#changelog Release date: 2023-08-24 Security gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. Patch by Gregory P. Smith. Library gh-107845: tarfile.data_filter() now takes the location of symlinks into account when determining their target, so it will no longer reject some valid tarballs with LinkOutsideDestinationError. Tools/Demos gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, 3.0.10, and 3.1.2. Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- diff --git a/meta/recipes-devtools/python/python3_3.8.17.bb b/meta/recipes-devtools/python/python3_3.8.18.bb similarity index 99% rename from meta/recipes-devtools/python/python3_3.8.17.bb rename to meta/recipes-devtools/python/python3_3.8.18.bb index 00c4ff497ae..9d0f72ecf93 100644 --- a/meta/recipes-devtools/python/python3_3.8.17.bb +++ b/meta/recipes-devtools/python/python3_3.8.18.bb @@ -43,8 +43,8 @@ SRC_URI_append_class-native = " \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[md5sum] = "70223497e664524303ca2364208647e1" -SRC_URI[sha256sum] = "2e54b0c68191f16552f6de2e97a2396540572a219f6bbb28591a137cecc490a9" +SRC_URI[md5sum] = "5ea6267ea00513fc31d3746feb35842d" +SRC_URI[sha256sum] = "3ffb71cd349a326ba7b2fadc7e7df86ba577dd9c4917e52a8401adbda7405e3f" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar"