Re: [OE-core][kirkstone 08/18] python3: Fix CVE-2025-15282

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: Paul Barker <paul@pbarker.dev>
To: vanusuri@mvista.com
Cc: yoann.congal@smile.fr, openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][kirkstone 08/18] python3: Fix CVE-2025-15282
Date: Mon, 06 Apr 2026 12:59:36 +0100	[thread overview]
Message-ID: <990e40208f0077bfac5c062421012e5c83b56eca.camel@pbarker.dev> (raw)
In-Reply-To: <CANQUz191KfwSFA_n3MP=Xt7KC6ddAvvKkJGKOwCmMBPtUi_5TA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1206 bytes --]

On Mon, 2026-04-06 at 17:14 +0530, Vijay Anusuri via
lists.openembedded.org wrote:
> On Mon, Apr 6, 2026 at 2:39 PM Paul Barker via lists.openembedded.org <paul=
> pbarker.dev@lists.openembedded.org> wrote:
> 
> > On Mon, 2026-04-06 at 08:26 +0200, Yoann Congal via
> > lists.openembedded.org wrote:
> > > From: Vijay Anusuri <vanusuri@mvista.com>
> > > 
> > > Pick patch from 3.10 branch
> > > 
> > > [1] https://nvd.nist.gov/vuln/detail/CVE-2025-15282
> > > [2] https://security-tracker.debian.org/tracker/CVE-2025-15282
> > > 
> > > Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
> > > Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
> > 
> > The fix for this issue (referred to as gh-143925 upstream) looks to be
> > part of Python 3.10.20 [1]. Should we take a final Python stable update
> > instead of this patch?
> > 
> > [1]: https://www.python.org/downloads/release/python-31020/
> > 
> > 
> --> Along with this CVE, Python 3.10.20 includes multiple security bug
> fixes. I think it's good to go with Python stable update to 3.10.20 .

Hi Vijay,

Are you able to send a patch to update to Python 3.10.20 on kirkstone?

Best regards,

-- 
Paul Barker


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 252 bytes --]

next prev parent reply	other threads:[~2026-04-06 11:59 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-06  6:26 [OE-core][kirkstone 00/18] Patch review Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 01/18] linux-yocto/5.15: update to v5.15.200 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 02/18] linux-yocto/5.15: update to v5.15.201 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 03/18] create-pull-request: Keep commit hash to be pulled in cover email Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 04/18] README.OE-Core: update contributor links and add kirkstone prefix Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 05/18] libtheora: mark CVE-2024-56431 as not vulnerable yet Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 06/18] tzdata,tzcode-native: Upgrade 2025b -> 2025c Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 07/18] tzdata/tzcode-native: upgrade 2025c -> 2026a Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 08/18] python3: Fix CVE-2025-15282 Yoann Congal
2026-04-06  9:09   ` Paul Barker
2026-04-06 11:44     ` Vijay Anusuri
2026-04-06 11:59       ` Paul Barker [this message]
2026-04-06 12:27         ` Vijay Anusuri
2026-04-06  6:26 ` [OE-core][kirkstone 09/18] python3-pyopenssl: Fix CVE-2026-27448 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 10/18] python3-pyopenssl: Fix CVE-2026-27459 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 11/18] libarchive: Fix CVE-2026-4111 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 12/18] vim: Fix CVE-2026-33412 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 13/18] sqlite3: Fix CVE-2025-70873 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 14/18] curl: patch CVE-2025-14524 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 15/18] curl: patch CVE-2026-1965 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 16/18] curl: patch CVE-2026-3783 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 17/18] curl: patch CVE-2026-3784 Yoann Congal
2026-04-06  6:26 ` [OE-core][kirkstone 18/18] scripts/install-buildtools: Update to 4.0.34 Yoann Congal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=990e40208f0077bfac5c062421012e5c83b56eca.camel@pbarker.dev \
    --to=paul@pbarker.dev \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=vanusuri@mvista.com \
    --cc=yoann.congal@smile.fr \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox