[Buildroot] [git commit branch/2022.05.x] package/python3: security bump to 3.10.6

Peter Korsgaard peter at korsgaard.com
Sun Sep 18 07:47:32 UTC 2022 

commit: https://git.buildroot.net/buildroot/commit/?id=43ce30dcb91b9150566b9fb3377a7ee248af99b1
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.05.x

Fixes the following security issues:

- gh-92888: Fix memoryview use after free when accessing the backing buffer
  in certain cases.

- gh-87389: http.server: Fix an open redirection vulnerability in the HTTP
  server when an URI path starts with //.

Release notes:
https://docs.python.org/release/3.10.6/whatsnew/changelog.html#python-3-10-6-final

Signed-off-by: Marcus Hoffmann <marcus.hoffmann at othermo.de>
[Peter: Mark as security bump]
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit f4cbf417b59bfdfdfc163a21db71e5e3a75841a0)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 package/python3/python3.hash | 2 +-
 package/python3/python3.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/python3/python3.hash b/package/python3/python3.hash
index 8052e3f6e0..596f3e7c18 100644
--- a/package/python3/python3.hash
+++ b/package/python3/python3.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256  8437efd5b106ef0a75aabfbf23d880625120a73a86a22ade4d2e2e68d7b74486  Python-3.10.5.tar.xz
+sha256  f795ff87d11d4b0c7c33bc8851b0c28648d8a4583aa2100a98c22b4326b6d3f3  Python-3.10.6.tar.xz
 sha256  f03e17cd594c2085f66a454e695c7ebe5b4d3c0eff534f4f194abc2fd164621b  LICENSE
diff --git a/package/python3/python3.mk b/package/python3/python3.mk
index 40711dc99c..6dbd33d52c 100644
--- a/package/python3/python3.mk
+++ b/package/python3/python3.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 PYTHON3_VERSION_MAJOR = 3.10
-PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).5
+PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).6
 PYTHON3_SOURCE = Python-$(PYTHON3_VERSION).tar.xz
 PYTHON3_SITE = https://python.org/ftp/python/$(PYTHON3_VERSION)
 PYTHON3_LICENSE = Python-2.0, others

More information about the buildroot mailing list