From: Jörg Sommer <[email protected]> - Substantial 75% reduction in memory usage through new data structures and some optimization in processing speed. - Added a general 1024-character input length cap to the public validation, conversion, and codec entry points. This is well above any legitimate domain or label and guards against pathological inputs.
- Add a command-line interface (`python -m idna`, also available as the `idna` script). Encodes or decodes one or more domains supplied as arguments or on standard input, with options to select A-label or U-label output and control error handling. - Raise the minimum supported Python version to 3.9 - Various code quality improvements - Enforce DNS-length cap on individual labels early in `check_label`, short-circuiting contextual-rule processing for oversized input while staying compatible with UTS 46 usage. - Tidy core helpers: hoist bidi category sets to module-level frozensets (avoiding per-codepoint list construction), simplify length checks, and reuse the shared `_unicode_dots_re` from `idna.core` in the codec module. - Use `raise ... from err` for proper exception chaining and switch internal string formatting to f-strings. - Allow `flit_core` 4.x in the build backend. - Expand the ruff lint set (flake8-bugbear, flake8-simplify, pyupgrade, perflint) and apply the surfaced fixes; pin lint CI to Python 3.14. - Add Dependabot configuration for GitHub Actions. - Convert README and HISTORY from reStructuredText to Markdown. - Reference CVE-2026-45409 for the 3.14 advisory in place of the initial GHSA identifier. Thanks to Felix Yan, Stan Ulbrych, and metsw24-max for contributions to this release. - Removed opportunity to process long inputs into quadratic time by rejecting oversize inputs up-front. Closes a bypass of the CVE-2024-3651 mitigation. [CVE-2026-45409] Thanks to Stan Ulbrych for reporting the issue. Signed-off-by: Jörg Sommer <[email protected]> --- .../python/{python3-idna_3.13.bb => python3-idna_3.17.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-idna_3.13.bb => python3-idna_3.17.bb} (82%) diff --git a/meta/recipes-devtools/python/python3-idna_3.13.bb b/meta/recipes-devtools/python/python3-idna_3.17.bb similarity index 82% rename from meta/recipes-devtools/python/python3-idna_3.13.bb rename to meta/recipes-devtools/python/python3-idna_3.17.bb index 339abb89c2..bf91b8627d 100644 --- a/meta/recipes-devtools/python/python3-idna_3.13.bb +++ b/meta/recipes-devtools/python/python3-idna_3.17.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/kjd/idna"; LICENSE = "BSD-3-Clause & Python-2.0 & Unicode-TOU" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=9a6c29079fc90c29d80332f44d2625f2" -SRC_URI[sha256sum] = "585ea8fe5d69b9181ec1afba340451fba6ba764af97026f92a91d4eef164a242" +SRC_URI[sha256sum] = "5eb0cb53bc467c12eadcf6de83163ad8527cec9416f44b9b61b19caedad2b87f" inherit pypi python_flit_core ptest-python-pytest -- 2.53.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#237796): https://lists.openembedded.org/g/openembedded-core/message/237796 Mute This Topic: https://lists.openembedded.org/mt/119577001/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
