diff mbox series

[meta-python,3/3] python3-nltk: upgrade 3.9.2 -> 3.9.3

Message ID 20260224170448.1310931-3-skandigraun@gmail.com
State Under Review
Headers show
Series [meta-oe,1/3] freerdp: patch CVE-2026-23530 | expand

Commit Message

Gyorgy Sarvari Feb. 24, 2026, 5:04 p.m. UTC 
Contains fix for CVE-2026-14009.

Changelog:
* Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader
* Block path traversal/arbitrary reads in nltk.data for protocol-less refs
* Block path traversal/abs paths in corpus readers and FS pointers
* Validate external StanfordSegmenter JARs using SHA256
* Add optional sandbox enforcement for filestring()
* Maintenance: downloader/zipped models, CI/tooling updates

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb}            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-python/recipes-devtools/python3-nltk/{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} (88%)
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb b/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb
similarity index 88%
rename from meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb
rename to meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb
index 43c23254d9..8953b75b28 100644
--- a/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb
+++ b/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb
@@ -23,4 +23,4 @@  RRECOMMENDS:${PN} = "\
 
 inherit setuptools3 pypi
 
-SRC_URI[sha256sum] = "0f409e9b069ca4177c1903c3e843eef90c7e92992fa4931ae607da6de49e1419"
+SRC_URI[sha256sum] = "cb5945d6424a98d694c2b9a0264519fab4363711065a46aa0ae7a2195b92e71f"