similarity index 99%
rename from meta/recipes-devtools/python/python3_3.13.2.bb
rename to meta/recipes-devtools/python/python3_3.13.4.bb
@@ -36,7 +36,7 @@ SRC_URI:append:class-native = " \
file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
"
-SRC_URI[sha256sum] = "d984bcc57cd67caab26f7def42e523b1c015bbc5dc07836cf4f0b63fa159eb56"
+SRC_URI[sha256sum] = "27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc757365"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
Security content in this release: - gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links. Addresses CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, and CVE-2025-4517. - gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non- “strict” error handler. - gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service. Includes additional standard library improvements and bug fixes. References: https://docs.python.org/3/whatsnew/changelog.html#python-3-13-4-final https://www.python.org/downloads/release/python-3134/ Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> --- .../python/{python3_3.13.2.bb => python3_3.13.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3_3.13.2.bb => python3_3.13.4.bb} (99%)