mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-02-27 06:31:01 +00:00
14d464c150
Contains fix for CVE-2026-14009. Changelog: * Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader * Block path traversal/arbitrary reads in nltk.data for protocol-less refs * Block path traversal/abs paths in corpus readers and FS pointers * Validate external StanfordSegmenter JARs using SHA256 * Add optional sandbox enforcement for filestring() * Maintenance: downloader/zipped models, CI/tooling updates Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
27 lines
764 B
BlitzBasic
27 lines
764 B
BlitzBasic
SUMMARY = "Natural Language Toolkit"
|
|
DESCRIPTION = "NLTK is a leading platform for building Python programs to work \
|
|
with human language data. It provides easy-to-use interfaces to \
|
|
over 50 corpora and lexical resources such as WordNet"
|
|
HOMEPAGE = "https://www.nltk.org"
|
|
BUGTRACKER = "https://github.com/nltk/nltk/issues"
|
|
LICENSE = "Apache-2.0"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
|
|
|
|
CVE_PRODUCT = "nltk"
|
|
|
|
RDEPENDS:${PN} = "\
|
|
python3-click \
|
|
python3-joblib \
|
|
python3-tqdm \
|
|
python3-regex \
|
|
python3-xmlschema \
|
|
"
|
|
|
|
RRECOMMENDS:${PN} = "\
|
|
python3-numpy \
|
|
"
|
|
|
|
inherit setuptools3 pypi
|
|
|
|
SRC_URI[sha256sum] = "cb5945d6424a98d694c2b9a0264519fab4363711065a46aa0ae7a2195b92e71f"
|