mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-13 17:39:57 +00:00
Gyorgy Sarvari
a892f6cfc9
Contains fix for CVE-2026-14009.
Changelog:
* Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader
* Block path traversal/arbitrary reads in nltk.data for protocol-less refs
* Block path traversal/abs paths in corpus readers and FS pointers
* Validate external StanfordSegmenter JARs using SHA256
* Add optional sandbox enforcement for filestring()
* Maintenance: downloader/zipped models, CI/tooling updates
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 14d464c150)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
25 lines
742 B
BlitzBasic
25 lines
742 B
BlitzBasic
SUMMARY = "Natural Language Toolkit"
|
|
DESCRIPTION = "NLTK is a leading platform for building Python programs to work \
|
|
with human language data. It provides easy-to-use interfaces to \
|
|
over 50 corpora and lexical resources such as WordNet"
|
|
HOMEPAGE = "https://www.nltk.org"
|
|
BUGTRACKER = "https://github.com/nltk/nltk/issues"
|
|
LICENSE = "Apache-2.0"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57"
|
|
|
|
RDEPENDS:${PN} = "\
|
|
python3-click \
|
|
python3-joblib \
|
|
python3-tqdm \
|
|
python3-regex \
|
|
python3-xmlschema \
|
|
"
|
|
|
|
RRECOMMENDS:${PN} = "\
|
|
python3-numpy \
|
|
"
|
|
|
|
inherit setuptools3 pypi
|
|
|
|
SRC_URI[sha256sum] = "cb5945d6424a98d694c2b9a0264519fab4363711065a46aa0ae7a2195b92e71f"
|