[Buildroot] [PATCH 2/2] package/python-py: security bump to version 1.10.0
Peter Korsgaard
peter at korsgaard.com
Tue Apr 6 11:02:46 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Fix CVE-2020-29651: A denial of service via regular expression in the
> py.path.svnwc component of py (aka python-py) through 1.9.0 could be
> used by attackers to cause a compute-time denial of service attack by
> supplying malicious input to the blame functionality.
> Add py/_vendored_packages/iniconfig-1.1.1.dist-info/LICENSE (MIT) which
> has been added with
> https://github.com/pytest-dev/py/commit/94cf44fd41d957eb50773d3e4fb54e931836779e
> https://github.com/pytest-dev/py/blob/1.10.0/CHANGELOG.rst
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2021.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list