mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-04-11 20:48:21 +00:00
Code Issues Projects Releases Wiki Activity
30,805 Commits 63 Branches 0 Tags
cb4570120b0d033c728a788e04b7c75129529a4e
Commit Graph

6 Commits

Author SHA1 Message Date
Gyorgy Sarvari
582d2ba035 python3-m2crypto: mark CVE-2020-25657 as patched 
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-25657

The commit[1] that fixes the vulnerability has been part of the
package since version 0.39.0

[1]: 84c53958de

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ba6468f7a0)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-26 10:04:47 +05:30
Gyorgy Sarvari
509f680b6e python3-m2crypto: ignore CVE-2009-0127 
Details: https://nvd.nist.gov/vuln/detail/CVE-2009-0127

The vulnerability is disputed[1] by upstream:
"There is no vulnerability in M2Crypto. Nowhere in the functions
are the return values of OpenSSL functions interpreted incorrectly.
The functions provide an interface to their users that may be
considered confusing, but is not incorrect, nor it is a vulnerability."

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0127

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b46a5452a1)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-26 10:04:47 +05:30
Tim Orling
94c20e1ef4 meta-python: drop ${PYTHON_PN} 
python 2 is long unsupported, so we no longer need this variable.

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-02-19 23:22:24 -08:00
Alexander Kanavin
7b927732c6 python3-mcrypto: rely on setuptools for distutils copy 
It's still used in source tree:

src/M2Crypto/__init__.py:    from distutils.version import StrictVersion as Version

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2023-12-18 22:17:20 -08:00
Alexander Kanavin
6de5e84625 python3-m2crypto: do not rely on smtpd module 
It's not mentioned anywhere in source code, and python 3.12
has removed it.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2023-12-18 22:17:20 -08:00
Khem Raj
d6427c99cc python3-m2crypto: upgrade 0.39.0 -> 0.40.1 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2023-11-06 08:47:41 -08:00