From 29405a94994496b309caf87ffba92ce4a9d4afae Mon Sep 17 00:00:00 2001
From: Peter Korsgaard <peter@korsgaard.com>
Date: Tue, 27 Aug 2024 10:43:30 +0200
Subject: [PATCH] package/python3: security bump to version 3.11.9

Fixes the following security issues:

- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
  (CVE-2023-52425) by adding five new methods:

        xml.etree.ElementTree.XMLParser.flush()
        xml.etree.ElementTree.XMLPullParser.flush()
        xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
        xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
        xml.sax.expatreader.ExpatParser.flush()

- gh-115243: Fix possible crashes in collections.deque.index() when the
  deque is concurrently modified.

- gh-114572: ssl.SSLContext.cert_store_stats() and
  ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate
  store, when the ssl.SSLContext is shared across multiple threads.

For more details, see the changelog:
https://docs.python.org/release/3.11.9/whatsnew/changelog.html#python-3-11-9

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/python3/python3.hash | 6 +++---
 package/python3/python3.mk   | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/python3/python3.hash b/package/python3/python3.hash
index 962d32b5d9..c536c80e52 100644
--- a/package/python3/python3.hash
+++ b/package/python3/python3.hash
@@ -1,5 +1,5 @@
-# From https://www.python.org/downloads/release/python-3118/
-md5  b353b8433e560e1af2b130f56dfbd973  Python-3.11.8.tar.xz
+# From https://www.python.org/downloads/release/python-3119/
+md5  22ea467e7d915477152e99d5da856ddc  Python-3.11.9.tar.xz
 # Locally computed
-sha256  9e06008c8901924395bc1da303eac567a729ae012baa182ab39269f650383bb3  Python-3.11.8.tar.xz
+sha256  9b1e896523fc510691126c864406d9360a3d1e986acbda59cda57b5abda45b87  Python-3.11.9.tar.xz
 sha256  3b2f81fe21d181c499c59a256c8e1968455d6689d269aa85373bfb6af41da3bf  LICENSE
diff --git a/package/python3/python3.mk b/package/python3/python3.mk
index 950006698b..5f61456a74 100644
--- a/package/python3/python3.mk
+++ b/package/python3/python3.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 PYTHON3_VERSION_MAJOR = 3.11
-PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).8
+PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).9
 PYTHON3_SOURCE = Python-$(PYTHON3_VERSION).tar.xz
 PYTHON3_SITE = https://python.org/ftp/python/$(PYTHON3_VERSION)
 PYTHON3_LICENSE = Python-2.0, others