python3-twisted: Fix CVE-2024-41671

Twisted is an event-based framework for internet applications, supporting
Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process
pipelined HTTP requests out-of-order, possibly resulting in information
disclosure. This vulnerability is fixed in 24.7.0rc1.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-41671

Upstream-patches:
046a164f89
4a930de12f

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Soumya Sambu
2024-08-25 18:41:03 +00:00
committed by Armin Kuster
parent 399b7b9051
commit 1235dd4ed4
3 changed files with 345 additions and 0 deletions

@@ -6,6 +6,11 @@ HOMEPAGE = "https://twisted.org"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c1c5d2c2493b848f83864bdedd67bbf5"
SRC_URI += " \
file://CVE-2024-41671-0001.patch \
file://CVE-2024-41671-0002.patch \
"
SRC_URI[sha256sum] = "6b38b6ece7296b5e122c9eb17da2eeab3d98a198f50ca9efd00fb03e5b4fd4ae"
inherit pypi python_hatchling
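Review bot: The two entries added to SRC_URI, file://CVE-2024-41671-0001.patch and file://CVE-2024-41671-0002.patch, have no traceable link to the upstream fixes. The commit message gives only the abbreviated hashes 046a164f89 and 4a930de12f, with no repository URL and no indication of which hash maps to which patch file. Please confirm that each patch file (not visible in this hunk) carries a "CVE: CVE-2024-41671" tag and an "Upstream-Status: Backport [...]" line with the full upstream commit URL, and list those URLs under "Upstream-patches:" so the backport can be checked against the 24.7.0rc1 fix. Since the issue is out-of-order handling of pipelined requests, it would also help to state that both patches are required together and that 0001 must apply before 0002, which the ordering in SRC_URI only implies.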