While the reasoning is correct that this only applies to Windows, this patch is superseded by upgrading to Python 3.8.14:
https://docs.python.org/release/3.8.14/whatsnew/changelog.html#windows bpo-47194: Update zlib to v1.2.12 to resolve CVE-2018-25032. On Mon, Oct 10, 2022 at 8:25 AM Ranjitsinh Rathod < ranjitsinhrathod1...@gmail.com> wrote: > Hi Virendra, > > Please add one space after # in both the comments. > > On Mon, 10 Oct, 2022, 5:28 pm virendra thakur, < > thakur.virendra1...@gmail.com> wrote: > >> zlib v1.2.11 as used in Windows binary releases contains a security >> issue. >> Link: https://bugs.python.org/issue47194 >> >> Signed-off-by: virendra thakur <thakur.virendra1...@gmail.com> >> --- >> meta/recipes-devtools/python/python3_3.8.13.bb | 4 ++++ >> 1 file changed, 4 insertions(+) >> >> diff --git a/meta/recipes-devtools/python/python3_3.8.13.bb >> b/meta/recipes-devtools/python/python3_3.8.13.bb >> index d87abe2351..e0e6861677 100644 >> --- a/meta/recipes-devtools/python/python3_3.8.13.bb >> +++ b/meta/recipes-devtools/python/python3_3.8.13.bb >> @@ -62,6 +62,10 @@ CVE_CHECK_WHITELIST += "CVE-2020-15523 CVE-2022-26488" >> # The module will be removed in the future and flaws documented. >> CVE_CHECK_WHITELIST += "CVE-2015-20107" >> >> +#zlib v1.2.11 as used in Windows binary releases contains a security >> issue >> +#https://bugs.python.org/issue47194 >> +CVE_CHECK_WHITELIST += "CVE-2018-25032" >> + >> PYTHON_MAJMIN = "3.8" >> >> S = "${WORKDIR}/Python-${PV}" >> -- >> 2.17.1 >> >> >> >> >> > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#171636): https://lists.openembedded.org/g/openembedded-core/message/171636 Mute This Topic: https://lists.openembedded.org/mt/94234436/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
