mbox series

[wrynose,0/3] python3: upgrade 3.14.5 -> 3.14.6 and fix CVEs

Message ID 20260706-fix-cves-python-wrynose-v1-0-b53e09c2b62a@bootlin.com
Headers show
Series python3: upgrade 3.14.5 -> 3.14.6 and fix CVEs | expand

Message

Benjamin Robin (Schneider Electric) July 6, 2026, 11 a.m. UTC
This series fixes the following CVEs:
 - CVE-2026-11940
 - CVE-2026-11972
 - CVE-2026-3276
 - CVE-2026-7210
 - CVE-2026-7774
 - CVE-2026-8328
 - CVE-2026-9669

Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>
---
Benjamin Robin (Schneider Electric) (2):
      python3: fix CVE-2026-11940
      python3: fix CVE-2026-11972

Peter Marko (1):
      python3: upgrade 3.14.5 -> 3.14.6

 ...x-ThreadingMock-call-count-race-condition.patch | 37 ------------
 .../python/python3/CVE-2026-11940.patch            | 67 ++++++++++++++++++++++
 .../python/python3/CVE-2026-11972.patch            | 59 +++++++++++++++++++
 .../{python3_3.14.5.bb => python3_3.14.6.bb}       |  9 ++-
 4 files changed, 130 insertions(+), 42 deletions(-)
---
base-commit: 5d1aa5c806c061a2994f4decb59016610f093213
change-id: 20260706-fix-cves-python-wrynose-076b5060a7be

Best regards,
--  
Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>