[scarthgap] python3-requests: upgrade 2.32.3 -> 2.32.4

Message ID	20250613110126.187329-1-vanusuri@mvista.com
State	Accepted
Delegated to:	Steve Sakoman
Headers	show Return-Path: <vanusuri@mvista.com> ip: 209.85.214.176, mailfrom: vanusuri@mvista.com) From: vanusuri@mvista.com To: openembedded-core@lists.openembedded.org Cc: Vijay Anusuri <vanusuri@mvista.com> Subject: [OE-core][scarthgap][PATCH] python3-requests: upgrade 2.32.3 -> 2.32.4 Date: Fri, 13 Jun 2025 16:31:26 +0530 Message-Id: <20250613110126.187329-1-vanusuri@mvista.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[scarthgap] python3-requests: upgrade 2.32.3 -> 2.32.4 \| expand [scarthgap] python3-requests: upgrade 2.32.3 -> 2.32.4

Message ID

20250613110126.187329-1-vanusuri@mvista.com

State

Accepted

Delegated to:

Steve Sakoman

Headers

From: vanusuri@mvista.com
To: openembedded-core@lists.openembedded.org
Cc: Vijay Anusuri <vanusuri@mvista.com>
Subject: [OE-core][scarthgap][PATCH] python3-requests: upgrade 2.32.3 ->
 2.32.4
Date: Fri, 13 Jun 2025 16:31:26 +0530
Message-Id: <20250613110126.187329-1-vanusuri@mvista.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[scarthgap] python3-requests: upgrade 2.32.3 -> 2.32.4 | expand

Commit Message

Vijay Anusuri June 13, 2025, 11:01 a.m. UTC

From: Vijay Anusuri <vanusuri@mvista.com>

changelog
https://github.com/psf/requests/releases/tag/v2.32.4

Includes security fix CVE-2024-47081

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
 .../{python3-requests_2.32.3.bb => python3-requests_2.32.4.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-devtools/python/{python3-requests_2.32.3.bb => python3-requests_2.32.4.bb} (85%)

Comments

Gyorgy Sarvari June 13, 2025, 11:56 a.m. UTC | #1

There seem to be some duplication in your and Wind River's contributions
today - this, and some of the libsoup CVE fixes in Kirkstone are also
duped only with a few hours of difference.

It's mostly an observation, rather than anything else.

Steve Sakoman June 16, 2025, 4:38 p.m. UTC | #2

On Fri, Jun 13, 2025 at 4:56 AM Gyorgy Sarvari via
lists.openembedded.org <skandigraun=gmail.com@lists.openembedded.org>
wrote:
>
> There seem to be some duplication in your and Wind River's contributions
> today - this, and some of the libsoup CVE fixes in Kirkstone are also
> duped only with a few hours of difference.
>
> It's mostly an observation, rather than anything else.

This doesn't happen very often, but when it does I'll typically take
the first one to hit the mailing list (unless there is an issue with
it!)

Steve

diff --git a/meta/recipes-devtools/python/python3-requests_2.32.3.bb b/meta/recipes-devtools/python/python3-requests_2.32.4.bb
similarity index 85%
rename from meta/recipes-devtools/python/python3-requests_2.32.3.bb
rename to meta/recipes-devtools/python/python3-requests_2.32.4.bb
index 4f0638b50c..0a015ab5d1 100644
--- a/meta/recipes-devtools/python/python3-requests_2.32.3.bb
+++ b/meta/recipes-devtools/python/python3-requests_2.32.4.bb
@@ -3,7 +3,7 @@  HOMEPAGE = "https://requests.readthedocs.io"
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=34400b68072d710fecd0a2940a0d1658"
 
-SRC_URI[sha256sum] = "55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760"
+SRC_URI[sha256sum] = "27d0316682c8a29834d3264820024b62a36942083d52caf2f14c0591336d3422"
 
 inherit pypi python_setuptools_build_meta

[scarthgap] python3-requests: upgrade 2.32.3 -> 2.32.4

Commit Message

Comments

Patch