Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
096589bd59f3f8e827754d43ad01dcdc406cc27f
rpi-buildroot/package/python-brotli/python-brotli.hash
Bernd Kuhls 7f233cd78e package/python-brotli: security bump to version 1.2.0 
https://github.com/google/brotli/blob/v1.2.0/CHANGELOG.md

Adds the following security hardening:

python: added Decompressor::can_accept_more_data method and optional
output_buffer_limit argument Decompressor::process; that allows mitigation
of unexpectedly large output

Which is needed to complete the security fixes in python-urllib3 2.6.0.

Added dependency to host-python-pkgconfig to fix build error which would
be introduced by this bump.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: mark as security bump, describe the relation with urllib3]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fe5dcf402c0075b6ab86a92733ec75135f9dd760)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
2025-12-18 16:55:54 +01:00

6 lines
324 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/brotli/json
md5 af164f216cba527bf6f24d09c9d3576b brotli-1.2.0.tar.gz
sha256 e310f77e41941c13340a95976fe66a8a95b01e783d430eeaf7a2f87e0a57dd0a brotli-1.2.0.tar.gz
# Locally computed sha256 checksums
sha256 3d180008e36922a4e8daec11c34c7af264fed5962d07924aea928c38e8663c94 LICENSE
Reference in New Issue View Git Blame Copy Permalink