NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a378178cdd
kumquat-buildroot/package/python3/python3.hash
James Hilliard 72e8471b5c package/python3: security bump to version 3.10.8 
Fixes the following security issues:

- CVE-2022-40674: bundled libexpat was upgraded from 2.4.7 to 2.4.9 which
  fixes a heap use-after-free vulnerability in function doContent

- gh-97616: a fix for a possible buffer overflow in list *= int

- gh-97612: a fix for possible shell injection in the example script
  get-remote-certificate.py(this issue originally had a CVE assigned to it,
  which its author withdrew)

- gh-96577: a fix for a potential buffer overrun in msilib

License hash changed due to links in license text being changed from
http to https:
96f8d3619d

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-10-21 20:50:05 +02:00

4 lines
196 B
Plaintext
Raw Blame History

# Locally computed
sha256 6a30ecde59c47048013eb5a658c9b5dec277203d2793667f578df7671f7f03f3 Python-3.10.8.tar.xz
sha256 d4a223f033419313218c9b8444167e91e87a5bebdb43fb8490df441df5220a8b LICENSE
Reference in New Issue View Git Blame Copy Permalink