test/py: Bump py to 1.10.0 for CVE-2020-29651

Message ID	20210421142201.23011-1-trini@konsulko.com
State	Accepted
Commit	e1333435afbf0c6290b1d16bb446b57807f75502
Delegated to:	Tom Rini
Headers	show Return-Path: <u-boot-bounces@lists.denx.de> From: Tom Rini <trini@konsulko.com> To: u-boot@lists.denx.de Subject: [PATCH] test/py: Bump py to 1.10.0 for CVE-2020-29651 Date: Wed, 21 Apr 2021 10:22:01 -0400 Message-Id: <20210421142201.23011-1-trini@konsulko.com> Precedence: list Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
Series	test/py: Bump py to 1.10.0 for CVE-2020-29651 \| expand test/py: Bump py to 1.10.0 for CVE-2020-29651

Message ID

20210421142201.23011-1-trini@konsulko.com

State

Accepted

Commit

e1333435afbf0c6290b1d16bb446b57807f75502

Delegated to:

Tom Rini

Headers

show

Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de
 (client-ip=85.214.62.61; helo=phobos.denx.de;
 envelope-from=u-boot-bounces@lists.denx.de; receiver=<UNKNOWN>)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4FQN6s68vyz9sWl
	for <incoming@patchwork.ozlabs.org>; Thu, 22 Apr 2021 00:22:23 +1000 (AEST)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 43C9280F0B;
	Wed, 21 Apr 2021 16:22:12 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=none (p=none dis=none) header.from=konsulko.com
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: by phobos.denx.de (Postfix, from userid 109)
 id 40F7B819C3; Wed, 21 Apr 2021 16:22:10 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H2,
 SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-qk1-f178.google.com (mail-qk1-f178.google.com
 [209.85.222.178])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id D1AE580EBD
 for <u-boot@lists.denx.de>; Wed, 21 Apr 2021 16:22:06 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=none (p=none dis=none) header.from=konsulko.com
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=tom.rini@gmail.com
Received: by mail-qk1-f178.google.com with SMTP id o5so42952194qkb.0
 for <u-boot@lists.denx.de>; Wed, 21 Apr 2021 07:22:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:subject:date:message-id;
 bh=dRR2gocx7K2z2mz+qegI+bjIheW5Ir5SQYP1K6ZINDM=;
 b=i6dF9lmPh3YW33JiG8Sh+gibA6sIsL2U0O0k9vBcp2061+xs5lPn5fti0AeEqtFQ2w
 ZlQht1AG5TBwrSlmHAqoSvArlPVRodUQFAghrT6NfP9GMAxn4CY4maDHSZXfW0jxlZXW
 zUR0PGMFwCDzponFZHI7vVnssrnZnH79+0L/zDexU30PxwW/2kh0WZp0DoNGah5xgarA
 GC+eYpiIoq54gTOAFEOF44Lm9rKq2LZN0nPnv9GGzdp949wvTPTYYw5fFXFL2wsfjZM6
 yZnjgebM1Va/nxM67HIgO5FnqbSuFWU+APl5B3+zs4eHw69woeqYv0/AXhBLBybhebDC
 HaVg==
X-Gm-Message-State: AOAM533AvUug1vOkp/HVFF+dluVhJuw3+dfd2EOcYzDE9HCLxVfCCcmB
 see292oHAvNs/Uij3Ns29DT94S7hlDUT
X-Google-Smtp-Source: 
 ABdhPJy901iCsQAWFkAh5THao+kqVy9qqbNEcOdAXlgvO1b9uhiogZYvJmb5IdkLrYPsvAL6yZ5iKw==
X-Received: by 2002:a37:9ac3:: with SMTP id
 c186mr9373074qke.486.1619014924999;
 Wed, 21 Apr 2021 07:22:04 -0700 (PDT)
Received: from bill-the-cat.lan (cpe-65-184-140-239.ec.res.rr.com.
 [65.184.140.239])
 by smtp.gmail.com with ESMTPSA id t63sm2287688qkh.6.2021.04.21.07.22.04
 for <u-boot@lists.denx.de>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 21 Apr 2021 07:22:04 -0700 (PDT)
From: Tom Rini <trini@konsulko.com>
To: u-boot@lists.denx.de
Subject: [PATCH] test/py: Bump py to 1.10.0 for CVE-2020-29651
Date: Wed, 21 Apr 2021 10:22:01 -0400
Message-Id: <20210421142201.23011-1-trini@konsulko.com>
X-Mailer: git-send-email 2.17.1
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de
X-Virus-Status: Clean

Series

test/py: Bump py to 1.10.0 for CVE-2020-29651 | expand

Commit Message

Tom Rini April 21, 2021, 2:22 p.m. UTC

Bump our py version to 1.10.0 to address CVE-2020-29651.

Reported-by: GitHub dependabot
Reported-by: Ley Foon Tan <ley.foon.tan@intel.com>
Signed-off-by: Tom Rini <trini@konsulko.com>
---
 test/py/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Tom Rini April 24, 2021, 9:42 p.m. UTC | #1

On Wed, Apr 21, 2021 at 10:22:01AM -0400, Tom Rini wrote:

> Bump our py version to 1.10.0 to address CVE-2020-29651.
> 
> Reported-by: GitHub dependabot
> Reported-by: Ley Foon Tan <ley.foon.tan@intel.com>
> Signed-off-by: Tom Rini <trini@konsulko.com>

Applied to u-boot/master, thanks!

diff --git a/test/py/requirements.txt b/test/py/requirements.txt
index 9c346b4b41f8..5b4829256d34 100644
--- a/test/py/requirements.txt
+++ b/test/py/requirements.txt
@@ -9,7 +9,7 @@  more-itertools==7.2.0
 packaging==19.2
 pbr==5.4.3
 pluggy==0.13.0
-py==1.8.0
+py==1.10.0
 pycryptodomex==3.9.8
 pyelftools==0.27
 pygit2==0.28.2

test/py: Bump py to 1.10.0 for CVE-2020-29651

Commit Message

Comments

Patch