[Buildroot] [PATCH 1/1] python-pyyaml: security bump to 4.2b4

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sun Jan 13 13:15:11 UTC 2019


Hello,

On Sat, 12 Jan 2019 19:42:27 +0200, Asaf Kahlon wrote:
> Fixes CVE-2017-18342: In PyYAML before 4.1, the yaml.load() API
> could execute arbitrary code.
> 
> Signed-off-by: Asaf Kahlon <asafka7 at gmail.com>
> ---
>  package/python-pyyaml/python-pyyaml.hash | 4 ++--
>  package/python-pyyaml/python-pyyaml.mk   | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list