[Buildroot] [git commit branch/2022.05.x] package/python3: security bump to version 3.10.7

Peter Korsgaard peter at korsgaard.com
Sun Sep 18 21:16:13 UTC 2022 

commit: https://git.buildroot.net/buildroot/commit/?id=3e9c048a737f7733fab4ae14d49f80c897a3d7b0
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.05.x

Fix CVE-2020-10735

https://github.com/python/cpython/blob/v3.10.7/Misc/NEWS.d/3.10.7.rst

Signed-off-by: Daniel Lang <d.lang at abatec.at>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit c0ee83d10bd8902c889b773b25a6b96d880f2fad)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 .../0033-lib-crypt-uClibc-ng-doesn-t-set-errno-when-encryptio.patch | 6 ++++--
 package/python3/python3.hash                                        | 2 +-
 package/python3/python3.mk                                          | 2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/package/python3/0033-lib-crypt-uClibc-ng-doesn-t-set-errno-when-encryptio.patch b/package/python3/0033-lib-crypt-uClibc-ng-doesn-t-set-errno-when-encryptio.patch
index 880277eb1d..0458283c18 100644
--- a/package/python3/0033-lib-crypt-uClibc-ng-doesn-t-set-errno-when-encryptio.patch
+++ b/package/python3/0033-lib-crypt-uClibc-ng-doesn-t-set-errno-when-encryptio.patch
@@ -16,6 +16,8 @@ https://gitlab.com/buildroot.org/buildroot/-/jobs/830981979
 [2] https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/libcrypt/crypt.c?h=v1.0.36#n29
 
 Signed-off-by: Romain Naour <romain.naour at gmail.com>
+[Daniel: updated for 3.10.7]
+Signed-off-by: Daniel Lang <d.lang at abatec.at>
 ---
  Lib/crypt.py | 4 +++-
  1 file changed, 3 insertions(+), 1 deletion(-)
@@ -28,10 +30,10 @@ index 33dbc46bb3..4692a5270c 100644
          result = crypt('', salt)
      except OSError as e:
          # Not all libc libraries support all encryption methods.
--        if e.errno == errno.EINVAL:
+-        if e.errno in {errno.EINVAL, errno.EPERM, errno.ENOSYS}:
 +        # Not all libc libraries set errno when encryption method is not
 +        # available.
-+        if e.errno == errno.EINVAL or e.errno == 0:
++        if e.errno in {errno.EINVAL, errno.EPERM, errno.ENOSYS} or e.errno == 0:
              return False
          raise
      if result and len(result) == method.total_size:
diff --git a/package/python3/python3.hash b/package/python3/python3.hash
index 596f3e7c18..c625e7a8ea 100644
--- a/package/python3/python3.hash
+++ b/package/python3/python3.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256  f795ff87d11d4b0c7c33bc8851b0c28648d8a4583aa2100a98c22b4326b6d3f3  Python-3.10.6.tar.xz
+sha256  6eed8415b7516fb2f260906db5d48dd4c06acc0cb24a7d6cc15296a604dcdc48  Python-3.10.7.tar.xz
 sha256  f03e17cd594c2085f66a454e695c7ebe5b4d3c0eff534f4f194abc2fd164621b  LICENSE
diff --git a/package/python3/python3.mk b/package/python3/python3.mk
index 6dbd33d52c..9fd0777be6 100644
--- a/package/python3/python3.mk
+++ b/package/python3/python3.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 PYTHON3_VERSION_MAJOR = 3.10
-PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).6
+PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).7
 PYTHON3_SOURCE = Python-$(PYTHON3_VERSION).tar.xz
 PYTHON3_SITE = https://python.org/ftp/python/$(PYTHON3_VERSION)
 PYTHON3_LICENSE = Python-2.0, others

More information about the buildroot mailing list