All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [git commit] package/python: security bump to version 2.7.17
@ 2019-10-20 13:42 Thomas Petazzoni
  2019-10-30  9:26 ` Peter Korsgaard
  0 siblings, 1 reply; 2+ messages in thread
From: Thomas Petazzoni @ 2019-10-20 13:42 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=7df07cb611ce441d37b40ee4133585b323d63b44
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

This release fixes CVE-2019-9740, CVE-2019-9948, CVE-2019-15903.

Adjust 0002-Fix-get_python_inc-for-cross-compilation.patch for 2.7.17.

Remove the following patches (now on upstream):
* 0035-bpo-35907-CVE-2019-9948-urllib-rejects-local_file-sc.patch
* 0036-bpo-36216-Add-check-for-characters-in-netloc-that-no.patch
* 0037-3.7-bpo-36216-Only-print-test-messages-when-verbose-.patch
* 0038-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch
* 0039-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch
* 0040-2.7-bpo-36742-Fix-urlparse.urlsplit-error-message-fo.patch
* 0041-bpo-30458-Disallow-control-chars-in-http-URLs-GH-127.patch

Full release details at:
https://github.com/python/cpython/blob/v2.7.17/Misc/NEWS.d/2.7.17rc1.rst

run-tests results:
10:30:20 TestPython2                              Starting
10:30:21 TestPython2                              Building
10:37:37 TestPython2                              Building done
10:37:47 TestPython2                              Cleaning up

^ permalink raw reply	[flat|nested] 2+ messages in thread
* [Buildroot] [git commit] package/python: security bump to version 2.7.17
  2019-10-20 13:42 [Buildroot] [git commit] package/python: security bump to version 2.7.17 Thomas Petazzoni
@ 2019-10-30  9:26 ` Peter Korsgaard
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2019-10-30  9:26 UTC (permalink / raw)
  To: buildroot

>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:

 > commit: https://git.buildroot.net/buildroot/commit/?id=7df07cb611ce441d37b40ee4133585b323d63b44
 > branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master

 > This release fixes CVE-2019-9740, CVE-2019-9948, CVE-2019-15903.

 > Adjust 0002-Fix-get_python_inc-for-cross-compilation.patch for 2.7.17.

 > Remove the following patches (now on upstream):
 > * 0035-bpo-35907-CVE-2019-9948-urllib-rejects-local_file-sc.patch
 > * 0036-bpo-36216-Add-check-for-characters-in-netloc-that-no.patch
 > * 0037-3.7-bpo-36216-Only-print-test-messages-when-verbose-.patch
 > * 0038-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch
 > * 0039-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch
 > * 0040-2.7-bpo-36742-Fix-urlparse.urlsplit-error-message-fo.patch
 > * 0041-bpo-30458-Disallow-control-chars-in-http-URLs-GH-127.patch

 > Full release details at:
 > https://github.com/python/cpython/blob/v2.7.17/Misc/NEWS.d/2.7.17rc1.rst

 > run-tests results:
 > 10:30:20 TestPython2                              Starting
 > 10:30:21 TestPython2                              Building
 > 10:37:37 TestPython2                              Building done
 > 10:37:47 TestPython2                              Cleaning up

Committed to 2019.02.x and 2019.08.x, thanks.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-10-30  9:26 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-20 13:42 [Buildroot] [git commit] package/python: security bump to version 2.7.17 Thomas Petazzoni
2019-10-30  9:26 ` Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.