mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
457e1a61e09e26e722f1e136de6a04896c8bc1a6
meta-openembedded/meta-python
T
History
Naman Jain 457e1a61e0 python3-protobuf: ignore CVE-2024-7254 
CVE-2024-7254 is a stack overflow vulnerability caused by unbounded
recursion, specifically within the Java Protobuf Lite and Full runtimes
(including Kotlin and JRuby bindings).

The python3-protobuf recipe builds the Python implementation using the
C++ backend (--cpp_implementation). This implementation does not
contain the vulnerable Java-specific parsing logic (such as
DiscardUnknownFieldsParser or ArrayDecoders).

Authoritative security sources, including Red Hat and GitHub Advisory
have confirmed that non-Java implementations
(Python/C++) are not affected by this specific flaw.

Reference: https://access.redhat.com/security/cve/cve-2024-7254

Signed-off-by: Naman Jain <namanj1@kpit.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2026-04-03 10:40:37 +00:00
..
classes
meta-python: Clean up recipes and classes that were moved to oe-core
2022-03-16 09:25:28 -04:00
conf
layer.conf: change layer priority to match oe-core
2022-02-28 08:39:26 -08:00
licenses
python3-crc32c: add 2.2.post0
2022-03-01 09:06:56 -08:00
recipes-connectivity
python3-thrift: add missing run-time dependencies
2025-10-02 15:16:50 +02:00
recipes-core
meta-python-image: Fix build depends
2022-05-17 05:57:10 -07:00
recipes-devtools
python3-protobuf: ignore CVE-2024-7254
2026-04-03 10:40:37 +00:00
recipes-extended
python3-blivet: upgrade 3.4.3 -> 3.4.4
2026-01-30 18:59:28 +01:00
COPYING.MIT
README
readme: update maintainer
2025-09-18 11:49:40 +02:00

README 

meta-python
================================

Introduction
-------------------------

This layer is intended to be the home of python modules for OpenEmbedded.

Dependencies
-------------------------

The meta-python layer depends on:

	URI: git://git.openembedded.org/openembedded-core
	layers: meta
	branch: kirkstone

	URI: git://git.openembedded.org/meta-openembedded
	layers: meta-oe
	branch: kirkstone

Please follow the recommended setup procedures of your OE distribution.
For Angstrom that is:
        http://www.angstrom-distribution.org/building-angstrom,
other distros should have similar online resources.

Contributing
-------------------------

The meta-openembedded mailinglist
(openembedded-devel@lists.openembedded.org) is used for questions,
comments and patch review. It is subscriber only, so please register
before posting.

Send pull requests to openembedded-devel@lists.openembedded.org with
'[meta-python][kirkstone]' in the subject.

When sending single patches, please use something like:
git send-email -M -1 --to=openembedded-devel@lists.openembedded.org --subject-prefix='meta-python][kirkstone][PATCH'

Maintenance
-------------------------

Layer maintainer: Gyorgy Sarvari <skandigraun@gmail.com>
Layer maintainer emeritus: Armin Kuster <akuster808@gmail.com>
Reference in New Issue View Git Blame Copy Permalink