mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-02 10:59:19 +00:00
f19f8995e2
Backport the patch[1] which fixes this vulnerability as mentioned in the
comment[2].
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68131
[1] f1d701cd2c
[2] https://github.com/agronholm/cbor2/pull/268#issuecomment-3719179000
Dropped changes to the changelog from the original commit.
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
34 lines
852 B
BlitzBasic
34 lines
852 B
BlitzBasic
DESCRIPTION = "An implementation of RFC 7049 - Concise Binary Object Representation (CBOR)."
|
|
DEPENDS +="${PYTHON_PN}-setuptools-scm-native"
|
|
|
|
LICENSE = "MIT"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a79e64179819c7ce293372c059f1dbd8"
|
|
|
|
SRC_URI[sha256sum] = "e283e70b55a049ff364cc5e648fde587e4d9b0e87e4b2664c69e639135e6b3b8"
|
|
|
|
inherit pypi python_setuptools_build_meta ptest
|
|
|
|
SRC_URI += " \
|
|
file://run-ptest \
|
|
file://CVE-2025-68131.patch \
|
|
"
|
|
|
|
# not vulnerable yet, vulnerability was introduced in v5.6.0
|
|
CVE_CHECK_IGNORE = "CVE-2025-64076"
|
|
|
|
RDEPENDS:${PN}-ptest += " \
|
|
${PYTHON_PN}-pytest \
|
|
${PYTHON_PN}-unixadmin \
|
|
"
|
|
|
|
do_install_ptest() {
|
|
install -d ${D}${PTEST_PATH}/tests
|
|
cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/
|
|
}
|
|
|
|
RDEPENDS:${PN} += " \
|
|
${PYTHON_PN}-datetime \
|
|
"
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|