[Buildroot] [PATCH] package/python3: security bump to version 3.12.5

[Buildroot] [PATCH] package/python3: security bump to version 3.12.5

[Peter Korsgaard]

Fixes the following security issues:

- gh-121957: Fixed missing audit events around interactive use of Python,
  now also properly firing for python -i, as well as for python -m asyncio.
  The event in question is cpython.run_stdin.

  https://github.com/python/cpython/issues/121957

For more details, see the changelog:

https://docs.python.org/release/3.12.5/whatsnew/changelog.html#python-3-12-5

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/python3/python3.hash | 6 +++---
 package/python3/python3.mk   | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/python3/python3.hash b/package/python3/python3.hash
index 598164dca6..d680a96810 100644
--- a/package/python3/python3.hash
+++ b/package/python3/python3.hash
@@ -1,5 +1,5 @@
-# From https://www.python.org/downloads/release/python-3123/
-md5  d68f25193eec491eb54bc2ea664a05bd  Python-3.12.4.tar.xz
+# From https://www.python.org/downloads/release/python-3125/
+md5  02c7d269e077f4034963bba6befdc715  Python-3.12.5.tar.xz
 # Locally computed
-sha256  f6d419a6d8743ab26700801b4908d26d97e8b986e14f95de31b32de2b0e79554  Python-3.12.4.tar.xz
+sha256  fa8a2e12c5e620b09f53e65bcd87550d2e5a1e2e04bf8ba991dcc55113876397  Python-3.12.5.tar.xz
 sha256  3b2f81fe21d181c499c59a256c8e1968455d6689d269aa85373bfb6af41da3bf  LICENSE
diff --git a/package/python3/python3.mk b/package/python3/python3.mk
index 7d6c9fe93f..b31e6df141 100644
--- a/package/python3/python3.mk
+++ b/package/python3/python3.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 PYTHON3_VERSION_MAJOR = 3.12
-PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).4
+PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).5
 PYTHON3_SOURCE = Python-$(PYTHON3_VERSION).tar.xz
 PYTHON3_SITE = https://python.org/ftp/python/$(PYTHON3_VERSION)
 PYTHON3_LICENSE = Python-2.0, others
-- 
2.39.2

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH] package/python3: security bump to version 3.12.5

[Thomas Petazzoni via buildroot]

On Mon, 26 Aug 2024 23:02:28 +0200
Peter Korsgaard <peter@korsgaard.com> wrote:

> Fixes the following security issues:
> 
> - gh-121957: Fixed missing audit events around interactive use of Python,
>   now also properly firing for python -i, as well as for python -m asyncio.
>   The event in question is cpython.run_stdin.
> 
>   https://github.com/python/cpython/issues/121957
> 
> For more details, see the changelog:
> 
> https://docs.python.org/release/3.12.5/whatsnew/changelog.html#python-3-12-5
> 
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ---
>  package/python3/python3.hash | 6 +++---
>  package/python3/python3.mk   | 2 +-
>  2 files changed, 4 insertions(+), 4 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot