[Buildroot] [PATCH 1/3] package/python: add upstream security fix for CVE-2019-9948
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Mon Jun 17 19:05:58 UTC 2019
On Sun, 16 Jun 2019 23:17:09 +0200
Peter Korsgaard <peter at korsgaard.com> wrote:
> Fixes CVE-2019-9948: Unnecessary URL scheme exists to allow file:// reading
> file in urllib.
>
> https://bugs.python.org/issue35907
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ---
> ...VE-2019-9948-urllib-rejects-local_file-sc.patch | 59 ++++++++++++++++++++++
> 1 file changed, 59 insertions(+)
> create mode 100644 package/python/0035-bpo-35907-CVE-2019-9948-urllib-rejects-local_file-sc.patch
All three patches applied to master. Thanks!
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list