mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-10 10:10:28 +03:00
1ca845961f
Fixes the following security issues:
- bpo-41162: Audit hooks are now cleared later during finalization to avoid
missing events.
- bpo-29778: Ensure python3.dll is loaded from correct locations when Python
is embedded (CVE-2020-15523).
- bpo-41004: The __hash__() methods of ipaddress.IPv4Interface and
ipaddress.IPv6Interface incorrectly generated constant hash values of 32
and 128 respectively. This resulted in always causing hash collisions.
The fix uses hash() to generate hash values for the tuple of (address,
mask length, network address).
- bpo-39073: Disallow CR or LF in email.headerregistry.Address arguments to
guard against header injection attacks.
For more details, see the changelog:
https://docs.python.org/release/3.8.4/whatsnew/changelog.html#security
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d6ff343d67)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 lines
314 B
Plaintext
6 lines
314 B
Plaintext
# From https://www.python.org/downloads/release/python-384/
|
|
md5 e16df33cd7b58702e57e137f8f5d13e7 Python-3.8.4.tar.xz
|
|
# Locally computed
|
|
sha256 5f41968a95afe9bc12192d7e6861aab31e80a46c46fa59d3d837def6a4cd4d37 Python-3.8.4.tar.xz
|
|
sha256 de4d1f2d2ad5ad0cfd1657a106476b31cb5db5ef9d1ff842b237c0c81f0c8a23 LICENSE
|