python3-cbor2: patch CVE-2025-68131

Backport the patch[1] which fixes this vulnerability as mentioned in the comment[2]. Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68131 [1] f1d701cd2c [2] https://github.com/agronholm/cbor2/pull/268#issuecomment-3719179000 Dropped changes to the changelog from the original commit. Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-17 10:38:17 +00:00 · 2026-01-25 13:36:23 +13:00
parent 8331a444fd
commit daacf501a1
2 changed files with 518 additions and 0 deletions
--- a/meta-python/recipes-devtools/python/python3-cbor2_5.6.4.bb
+++ b/meta-python/recipes-devtools/python/python3-cbor2_5.6.4.bb
@@ -13,6 +13,7 @@ DEPENDS += "python3-setuptools-scm-native"
 SRC_URI += " \
        file://run-ptest \
        file://CVE-2025-64076.patch \
+        file://CVE-2025-68131.patch \
 "

 RDEPENDS:${PN}-ptest += " \