NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
247d3bf567
kumquat-buildroot/package/python3/python3.hash
Peter Korsgaard c8bf903e7a package/python3: security bump to version 3.9.7 
Fixes the following security issues:

- bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to
  avoid a potential race condition.

- bpo-41180: Add auditing events to the marshal module, and stop raising
  code.__init__ events for every unmarshalled code object.  Directly
  instantiated code objects will continue to raise an event, and audit event
  handlers should inspect or collect the raw marshal data.  This reduces a
  significant performance overhead when loading from .pyc files.

- bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to
  get the fix for the CVE-2013-0340 “Billion Laughs” vulnerability.  This
  copy is most used on Windows and macOS.

- bpo-43124: Made the internal putcmd function in smtplib sanitize input for
  presence of \r and \n characters to avoid (unlikely) command injection.

https://www.python.org/downloads/release/python-397/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-09-03 17:07:55 +02:00

6 lines
314 B
Plaintext
Raw Blame History

# From https://www.python.org/downloads/release/python-397/
md5 fddb060b483bc01850a3f412eea1d954 Python-3.9.7.tar.xz
# Locally computed
sha256 f8145616e68c00041d1a6399b76387390388f8359581abc24432bb969b5e3c57 Python-3.9.7.tar.xz
sha256 599826df92bfdcd2702eac691072498bb096c55af04ee984cf90f70ed77b5a70 LICENSE
Reference in New Issue View Git Blame Copy Permalink