From 14d464c15094d1758dc14706646a8aa645a3bf34 Mon Sep 17 00:00:00 2001 From: Gyorgy Sarvari Date: Tue, 24 Feb 2026 18:04:48 +0100 Subject: [PATCH] python3-nltk: upgrade 3.9.2 -> 3.9.3 Contains fix for CVE-2026-14009. Changelog: * Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader * Block path traversal/arbitrary reads in nltk.data for protocol-less refs * Block path traversal/abs paths in corpus readers and FS pointers * Validate external StanfordSegmenter JARs using SHA256 * Add optional sandbox enforcement for filestring() * Maintenance: downloader/zipped models, CI/tooling updates Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj --- .../{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python3-nltk/{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} (88%) diff --git a/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb b/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb similarity index 88% rename from meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb rename to meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb index 43c23254d9..8953b75b28 100644 --- a/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb +++ b/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb @@ -23,4 +23,4 @@ RRECOMMENDS:${PN} = "\ inherit setuptools3 pypi -SRC_URI[sha256sum] = "0f409e9b069ca4177c1903c3e843eef90c7e92992fa4931ae607da6de49e1419" +SRC_URI[sha256sum] = "cb5945d6424a98d694c2b9a0264519fab4363711065a46aa0ae7a2195b92e71f"