godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-01 13:49:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
154456c031b4e2ec4ffe1bfbd578fcfd7cc698e5
buildroot/package/python3/python3.hash
Peter Korsgaard 3f5b4da6d3 package/python3: security bump to version 3.7.5 
Fixes the following security vulnerabilities:

- bpo-38243: Escape the server title of xmlrpc.server.DocXMLRPCServer when
  rendering the document page as HTML.  (Contributed by Dong-hee Na in
  bpo-38243.)

- bpo-38174: Update vendorized expat library version to 2.2.8, which
  resolves CVE-2019-15903.

- bpo-37764: Fixes email._header_value_parser.get_unstructured going into an
  infinite loop for a specific case in which the email header does not have
  trailing whitespace, and the case in which it contains an invalid encoded
  word.  Patch by Ashwin Ramaswami.

- bpo-37461: Fix an infinite loop when parsing specially crafted email
  headers.  Patch by Abhilash Raj.

- bpo-34155: Fix parsing of invalid email addresses with more than one @
  (e.g.  a@b@c.com.) to not return the part before 2nd @ as valid email
  address.  Patch by maxking & jpic.

Additionally, the release contains a number of non-security related fixes.
For details, see the changelog:

https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-5-final

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-11-01 16:42:28 +01:00

6 lines
308 B
Plaintext
Raw Blame History

# From https://www.python.org/downloads/release/python-375/
md5 08ed8030b1183107c48f2092e79a87e2 Python-3.7.5.tar.xz
# Locally computed
sha256 e85a76ea9f3d6c485ec1780fca4e500725a4a7bbc63c78ebc44170de9b619d94 Python-3.7.5.tar.xz
sha256 a77d71d6be6f9032e6b6e5d2cf6da68f9eeab9036edfbc043633c8979cd5e82c LICENSE
Reference in New Issue View Git Blame Copy Permalink