mirror of
https://git.yoctoproject.org/poky
synced 2026-07-16 03:47:03 +00:00
python3-cryptography: Fix CVE-2026-26007
CVE-2026-26007 is fixed upstream in version 46.0.5. Our current version (42.0.5, scarthgap) is still reported as vulnerable by NVD. Backport the upstream fix to address this CVE. Upstream commit: https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c CVE report: https://nvd.nist.gov/vuln/detail/CVE-2026-26007 (From OE-Core rev: a363958725430237160b0a83a6a6acbe8380fba3) Signed-off-by: Nguyen Dat Tho <tho3.nguyen@lge.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev>
This commit is contained in:
committed by
Paul Barker
parent
5c365149ac
commit
7421603502
@@ -11,6 +11,7 @@ LDSHARED += "-pthread"
|
||||
SRC_URI[sha256sum] = "6fe07eec95dfd477eb9530aef5bead34fec819b3aaf6c5bd6d20565da607bfe1"
|
||||
|
||||
SRC_URI += "file://0001-pyproject.toml-remove-benchmark-disable-option.patch \
|
||||
file://CVE-2026-26007.patch \
|
||||
file://check-memfree.py \
|
||||
file://run-ptest \
|
||||
"
|
||||
|
||||
Reference in New Issue
Block a user