home-assistant
/
buildroot
mirror of https://github.com/home-assistant/buildroot.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
buildroot/package/python3
History
Fabrice Fontaine 404d6e29bf package/python3: fix CVE-2022-37454 
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an
integer overflow and resultant buffer overflow that allows attackers to
execute arbitrary code or eliminate expected cryptographic properties.
This occurs in the sponge function interface.

Python 3.11 and later switched to using tiny_sha3 in GH-32060, so they
should not be affected.

https://github.com/python/cpython/issues/98517

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 92d96e8513)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 		2022-12-08 10:56:46 +01:00
..
0001-Make-the-build-of-pyc-files-conditional.patch
0002-Disable-buggy_getaddrinfo-configure-test-when-cross-.patch
0003-Add-infrastructure-to-disable-the-build-of-certain-e.patch
0004-Adjust-library-header-paths-for-cross-compilation.patch
0005-Don-t-look-in-usr-lib-termcap-for-libraries.patch
0006-Don-t-add-multiarch-paths.patch
0007-Abort-on-failed-module-build.patch
0008-Serial-ioctl-workaround.patch
0009-Do-not-adjust-the-shebang-of-Python-scripts-for-cros.patch
0010-Misc-python-config.sh.in-ensure-sed-invocations-only.patch
0011-Add-importlib-fix-for-PEP-3147-issue.patch
0012-Add-an-option-to-disable-pydoc.patch
0013-Add-an-option-to-disable-lib2to3.patch
0014-Add-option-to-disable-the-sqlite3-module.patch
0015-Add-an-option-to-disable-the-tk-module.patch
0016-Add-an-option-to-disable-the-curses-module.patch
0017-Add-an-option-to-disable-expat.patch
0018-Add-an-option-to-disable-CJK-codecs.patch
0019-Add-an-option-to-disable-NIS.patch
0020-Add-an-option-to-disable-unicodedata.patch
0021-Add-an-option-to-disable-IDLE.patch
0022-Add-an-option-to-disable-decimal.patch
0023-Add-an-option-to-disable-the-ossaudiodev-module.patch
0024-Add-an-option-to-disable-openssl-support.patch
0025-Add-an-option-to-disable-the-readline-module.patch
0026-Add-options-to-disable-zlib-bzip2-and-xz-modules.patch
0027-python-config.sh-don-t-reassign-prefix.patch
0028-Fix-cross-compiling-the-uuid-module.patch
0029-Add-an-option-to-disable-uuid-module.patch
0030-fix-building-on-older-distributions.patch
0031-configure.ac-fixup-CC-print-multiarch-output-for-mus.patch
0032-Add-an-option-to-disable-the-berkeleydb-module.patch
0033-3.11-gh-98433-Fix-quadratic-time-idna-decoding.-GH-9.patch
0033-lib-crypt-uClibc-ng-doesn-t-set-errno-when-encryptio.patch
0034-3-10-gh-98517-Fix-buffer-overflows-in-_sha3-module.patch package/python3: fix CVE-2022-37454 2022-12-08 10:56:46 +01:00
Config.in
Config.in.host
python3.hash
python3.mk package/python3: fix CVE-2022-37454 2022-12-08 10:56:46 +01:00