Contains fix for CVE-2026-14009. Changelog: * Fix CVE-2025-14009: secure ZIP extraction in nltk.downloader * Block path traversal/arbitrary reads in nltk.data for protocol-less refs * Block path traversal/abs paths in corpus readers and FS pointers * Validate external StanfordSegmenter JARs using SHA256 * Add optional sandbox enforcement for filestring() * Maintenance: downloader/zipped models, CI/tooling updates
Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python3-nltk/{python3-nltk_3.9.2.bb => python3-nltk_3.9.3.bb} (88%) diff --git a/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb b/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb similarity index 88% rename from meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb rename to meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb index 43c23254d9..8953b75b28 100644 --- a/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.2.bb +++ b/meta-python/recipes-devtools/python3-nltk/python3-nltk_3.9.3.bb @@ -23,4 +23,4 @@ RRECOMMENDS:${PN} = "\ inherit setuptools3 pypi -SRC_URI[sha256sum] = "0f409e9b069ca4177c1903c3e843eef90c7e92992fa4931ae607da6de49e1419" +SRC_URI[sha256sum] = "cb5945d6424a98d694c2b9a0264519fab4363711065a46aa0ae7a2195b92e71f"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124585): https://lists.openembedded.org/g/openembedded-devel/message/124585 Mute This Topic: https://lists.openembedded.org/mt/117979408/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
