python3-twisted: Fix CVE-2024-41671

Twisted is an event-based framework for internet applications, supporting Python 3.6+.
The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP
requests out-of-order, possibly resulting in information disclosure. This vulnerability
is fixed in 24.7.0rc1.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-41671
https://ubuntu.com/security/CVE-2024-41671

Upstream patches:
f1cb4e616e
ef2c755e9e

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Soumya Sambu
2025-04-23 04:59:35 +00:00
committed by Armin Kuster
parent 85275437cd
commit 5c4b61d38a
3 changed files with 232 additions and 0 deletions

@@ -11,6 +11,9 @@ SRC_URI[sha256sum] = "57f32b1f6838facb8c004c89467840367ad38e9e535f8252091345dba5
PYPI_PACKAGE = "Twisted"
SRC_URI += "file://CVE-2024-41671-0001.patch \
file://CVE-2024-41671-0002.patch"
inherit pypi python_setuptools_build_meta
do_install:append() {
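
Review bot: The added SRC_URI += entries apply CVE-2024-41671-0001.patch and then CVE-2024-41671-0002.patch in the order listed, but the commit message gives the upstream commits only as the abbreviated hashes f1cb4e616e and ef2c755e9e, so a reader cannot tell from this hunk which patch file maps to which upstream commit. Please confirm that each patch file carries a CVE: CVE-2024-41671 tag and an Upstream-Status: Backport line with the full upstream commit URL, and that 0001 and 0002 follow the upstream commit order, since the second fix may depend on the first.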