mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-03 13:49:49 +00:00
Code Issues Projects Releases Wiki Activity

python3: whitelist CVE-2020-15523

Browse Source 
This CVE is issue on _Py_CheckPython3 uses uninitialized dllpath when embedder sets module path with Py_SetPath.
Since it is .dll issue (on windows only), hence whitelist it.

https://bugs.python.org/issue29778

(From OE-Core rev: c216431d0704bd8be237e860bbdc32be34a82aee)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Lee Chee Yang
2020-11-19 19:00:33 +08:00
committed by Richard Purdie
parent 4dfddb155e
commit 17d7d64ebe
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-devtools/python/python3_3.8.2.bb
+3
View File
@@ -54,6 +54,9 @@ CVE_PRODUCT = "python"
# This is not exploitable when glibc has CVE-2016-10739 fixed. # This is not exploitable when glibc has CVE-2016-10739 fixed.
CVE_CHECK_WHITELIST += "CVE-2019-18348" CVE_CHECK_WHITELIST += "CVE-2019-18348"
# This is windows only issue.
CVE_CHECK_WHITELIST += "CVE-2020-15523"
PYTHON_MAJMIN = "3.8" PYTHON_MAJMIN = "3.8"
S = "${WORKDIR}/Python-${PV}" S = "${WORKDIR}/Python-${PV}"