Martin Jansa <mailto:martin.ja...@gmail.com>>
> *Sent:* Wednesday, March 3, 2021 8:03:12 PM
> *To:* Rahul Taya mailto:rahul.t...@kpit.com>>
> *Cc:* openembedded-devel@lists.openembedded.org
> <mailto:openembedded-devel@lists.openembedded.org>
>
9:22 PM
To: Rahul Taya
Cc: openembedded-devel ; Harpritkaur
Bhandari ; Nisha Parrakat
Subject: Re: [oe] [meta-python2][dunfell][PATCH] python: Add fix for
CVE-2019-9674
On Wed, Mar 3, 2021 at 4:26 PM Rahul Taya
mailto:rahul.t...@kpit.com>> wrote:
Hi Martin,
No i run devtool modify python only
tion.outlook.com/?url=http%3A%2F%2Flists.openembedded.org%2F&data=04%7C01%7CRahul.Taya%40kpit.com%7C9193c43cbc274d86d5dc08d8de514df0%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637503788090869534%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=JCevxk14rW
age
> that i saw.
> Can you tell me what next to do for that patch ?
>
> Thanks and Regards,
> Rahul Taya
> --
> *From:* Martin Jansa
> *Sent:* Thursday, February 25, 2021 10:33 PM
> *To:* Rahul Taya
> *Cc:* openembedded-devel
> *Subje
on behalf of Martin Jansa via
lists.openembedded.org
Sent: Monday, March 1, 2021 8:16 PM
To: Rahul Taya
Cc: openembedded-devel
Subject: Re: [oe] [meta-python2][dunfell][PATCH] python: Add fix for
CVE-2019-9674
> Can you please tell me what i should do if a fuzz is detected while applying
>
lob%2Fmain%2FCVE-2019-9674.patch&data=04%7C01%7CRahul.Taya%40kpit.com%7C94256351f1fb463d886a08d8d9af44b8%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637498694137112808%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=EvHk3r1U8hghpCjnNQMuDMq7a1RQbu7IzQuUj6Ot5XY%3D&
Get Outlook for iOS <https://aka.ms/o0ukef>
> --
> *From:* Martin Jansa
> *Sent:* Thursday, February 25, 2021 8:25:50 PM
> *To:* Rahul Taya
> *Cc:* openembedded-devel
> *Subject:* Re: [oe] [meta-python2][dunfell][PATCH] python: Add fix for
> CVE-2
l Taya
Cc: openembedded-devel
Subject: Re: [oe] [meta-python2][dunfell][PATCH] python: Add fix for
CVE-2019-9674
Hi,
normally you should fork meta-python2 and send a link to meta-python2 change I
can cherry-pick, not the blob in otherwise empty repo.
But as I've said in previous reply, I
;
> Harpritkaur Bhandari
> *Subject:* Re: [oe] [meta-python2][dunfell][PATCH] python: Add fix for
> CVE-2019-9674
>
> "git am" doesn't like those emoticons in the .patch file..
>
> git am ~/py2/cur/16136689*
> error: cannot convert from 8bit to UTF-8
> fatal: c
Hi,
you patch has:
Content-Type: text/plain; charset=8bit
Content-Transfer-Encoding: quoted-printable
and git am doesn't handle it
$ git am python2/cur/1614253357.R13620585686638879435.jama\:2\,RS
error: cannot convert from 8bit to UTF-8
fatal: could not parse patch
if I manually change it to
C
PM
To: Rahul Taya
Cc: openembedded-devel ; Khem Raj
; Nisha Parrakat ; Harpritkaur
Bhandari
Subject: Re: [oe] [meta-python2][dunfell][PATCH] python: Add fix for
CVE-2019-9674
"git am" doesn't like those emoticons in the .patch file..
git am ~/py2/cur/16136689*
error: cannot co
On Tue, 2021-02-16 at 20:53 +0530, Rahul Taya wrote:
> +* bpo-36260: Add pitfalls to zipfile module documentation
> +
> +We saw vulnerability warning description (including zip bomb) in
> Doc/library/xml.rst file.
> +This gave us the idea of documentation improvement.
> +
> +So, we moved a little b
On Thu, Feb 18, 2021 at 07:19:53AM -0800, akuster wrote:
>
>
> On 2/16/21 7:23 AM, Rahul Taya wrote:
> > For python and python-native added patch to fix
> > CVE-2019-9674
> >
> > Signed-off-by: Rahul Taya
>
> Please add your signoff in the applying patches. see below for example.
>
> Does this
"git am" doesn't like those emoticons in the .patch file..
git am ~/py2/cur/16136689*
error: cannot convert from 8bit to UTF-8
fatal: could not parse patch
either drop them or upload it to some git repo so I can cherry-pick it from
there.
On Thu, Feb 18, 2021 at 3:18 PM Rahul Taya wrote:
> For
On 2/16/21 7:23 AM, Rahul Taya wrote:
> For python and python-native added patch to fix
> CVE-2019-9674
>
> Signed-off-by: Rahul Taya
Please add your signoff in the applying patches. see below for example.
Does this affect master or Gatesgarth? What may avoid such questions is
by adding som
For python and python-native added patch to fix
CVE-2019-9674
Signed-off-by: Rahul Taya
---
recipes-devtools/python/python.inc| 1 +
.../python/python/CVE-2019-9674.patch | 83 +++
2 files changed, 84 insertions(+)
create mode 100644 recipes-devtools/python/
16 matches
Mail list logo
