#28011 (Apr 16, 2026, 11:01:40 AM)

Started 7 hr 38 min ago

Took 2.3 sec on build5-deb12build-ansible

Started by upstream project gerrit-pysim build number 3060
originally caused by:

Triggered by Gerrit: https://gerrit.osmocom.org/c/pysim/+/42626 in silent mode.

This run spent:

7.5 sec waiting;
2.3 sec build duration;
9.8 sec total from scheduled to completion.

Revision: c50f4b4a0222a964710ce3124a66fe13c804be65
Repository: $GERRIT_REPO_URL

master

requirements: ensure safe version of PyYAML >= 5.4 (CVE-2020-1747)

PyYAML versions 5.1–5.3.1 are vulnerable to CVE-2020-1747, which allows
arbitrary code execution through yaml.FullLoader. While PyYAML 5.4+
patches this, the dependency specification (pyyaml >= 5.1) doesn't
guarantee a safe version. Let's increase the requirement to version
5.4 to ensure a safe version of is used.

This patch is based on suggestions from:
"YanTong C <chyeyantong03@gmail.com>"

Change-Id: I901c76c59e9c1bab030eab81038e04a475b32510

pmaier@sysmocom.de at 11:01 AM 4/16/26

#28011 (Apr 16, 2026, 11:01:40 AM)

#28011 (Apr 16, 2026, 11:01:40 AM)