Skip to content

Commit

Permalink
cpython: Downgrade xz_utils to mitigate CVE-2024-3094 (#23313)
Browse files Browse the repository at this point in the history
See #23310.
  • Loading branch information
jwillikers authored Mar 30, 2024
1 parent 96c6de1 commit 94c7d27
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions recipes/cpython/all/conanfile.py
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,7 @@ def requirements(self):
# https://github.com/python/cpython/blob/v3.10.13/Include/py_curses.h#L34
self.requires("ncurses/6.4", transitive_headers=True, transitive_libs=True)
if self.options.get_safe("with_lzma", False):
self.requires("xz_utils/5.6.1")
self.requires("xz_utils/5.4.5")

def package_id(self):
del self.info.options.env_vars
Expand Down Expand Up @@ -224,7 +224,7 @@ def _generate_autotools(self):

def generate(self):
VirtualRunEnv(self).generate(scope="build")

if is_msvc(self):
# The msbuild generator only works with Visual Studio
deps = MSBuildDeps(self)
Expand Down

0 comments on commit 94c7d27

Please sign in to comment.