summaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python3-m2crypto/CVE-2020-25657.patch
Commit message (Collapse)AuthorAgeFilesLines
* python3-m2crypto: upgrade 0.38.0 -> 0.39.0Trevor Gamblin2023-07-251-176/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove the CVE-2020-25657 patch, as it is fixed in 0.39.0: [tgamblin@megalith m2crypto]$ git log --oneline --grep="CVE-2020-25657" 84c5395 Mitigate the Bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657) [tgamblin@megalith m2crypto]$ git tag --contains 84c53958def0f510e92119fca14d74f94215827a 0.39.0 Changelog (https://gitlab.com/m2crypto/m2crypto/-/blob/master/CHANGES?ref_type=heads): 0.39.0 - 2023-01-31 ------------------- - SUPPORT FOR PYTHON 2 HAS BEEN DEPRECATED AND IT WILL BE COMPLETELY REMOVED IN THE NEXT RELEASE. - Remove dependency on parameterized and use unittest.subTest instead. - Upgrade embedded six.py module to 1.16.0 (really tiny inconsequential changes). - Make tests working on MacOS again (test_bio_membuf: Use fork) - Use OpenSSL_version_num() instead of unrealiable parsing of .h file. - Mitigate the Bleichenbacher timing attacks in the RSA decryption API (CVE-2020-25657) - Add functionality to extract EC key from public key + Update tests - Worked around compatibility issues with OpenSSL 3.* - Support for Twisted has been deprecated (they have their own SSL support anyway). - Generate TAP while testing. - Stop using GitHub for testing. - Accept a small deviation from time in the testsuite (for systems with non-standard HZ kernel parameter). - Use the default BIO.__del__ rather tha overriding in BIO.File (avoid a memleak). - Resolve "X509_Name.as_der() method from X509.py -> class X509_Name caused segmentation fault" Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-m2crypto: fix CVE-2020-25657 and buildpaths qa issueKai Kang2022-11-251-0/+176
Backport patch to fix CVE-2020-25657 for python3-m2crypto. Adjust indent as well. Remove duplicate 'Upstream-Status:' from avoid-host-contamination.patch. Add swig option '-DOPENSSL_FILE' to fix buildpaths qa issues. WARNING: python3-m2crypto-0.38.0-r0 do_package_qa: QA Issue: File /usr/lib/python3.11/site-packages/M2Crypto/_m2crypto.cpython-311-x86_64-linux-gnu.so in package python3-m2crypto contains reference to TMPDIR [buildpaths] Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>