mirror of
https://git.yoctoproject.org/poky
synced 2026-05-09 17:39:31 +00:00
Hongxu Jia
af06cbf82b
According to [1] which provided the fix link [2], but upstream author reworked it later [3][4][5] Backport and rebase all the patches for tracing [1] https://nvd.nist.gov/vuln/detail/CVE-2024-5569 [2] https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd [3] https://github.com/jaraco/zipp/commit/3cb5609002263eb19f7b5efda82d96f1f57fe876 [4] https://github.com/jaraco/zipp/commit/f89b93f0370dd85d23d243e25dfc1f99f4d8de48 [5] https://github.com/jaraco/zipp/commit/cc61e6140f0dfde2ff372db932442cf6df890f09 (From OE-Core rev: 13bd99e17f0aca108839e81e9aa0b14351116fdf) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
27 lines
944 B
BlitzBasic
27 lines
944 B
BlitzBasic
DESCRIPTION = "Backport of pathlib-compatible object wrapper for zip files"
|
|
HOMEPAGE = "https://github.com/jaraco/zipp"
|
|
LICENSE = "MIT"
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=7a7126e068206290f3fe9f8d6c713ea6"
|
|
|
|
SRC_URI[sha256sum] = "9f50f446828eb9d45b267433fd3e9da8d801f614129124863f9c51ebceafb87d"
|
|
|
|
DEPENDS += "${PYTHON_PN}-setuptools-scm-native"
|
|
|
|
inherit pypi python_setuptools_build_meta
|
|
|
|
SRC_URI += " \
|
|
file://0001-Add-SanitizedNames-mixin.patch \
|
|
file://0002-Employ-SanitizedNames-in-CompleteDirs.-Fixes-broken-.patch \
|
|
file://0003-Removed-SanitizedNames.patch \
|
|
file://0004-Address-infinite-loop-when-zipfile-begins-with-more-.patch \
|
|
file://0005-Prefer-simpler-path.rstrip-to-consolidate-checks-for.patch \
|
|
"
|
|
|
|
DEPENDS += "${PYTHON_PN}-toml-native"
|
|
|
|
RDEPENDS:${PN} += "${PYTHON_PN}-compression \
|
|
${PYTHON_PN}-math \
|
|
${PYTHON_PN}-more-itertools"
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|