mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-18 07:10:32 +00:00
Code Issues Projects Releases Wiki Activity
31,018 Commits 64 Branches 0 Tags
fdf83ebd289465a9534b8110a43a03a6cb2e9a5b
Commit Graph

5 Commits

Author SHA1 Message Date
Ankur Tyagi cb4570120b python3-twisted: patch CVE-2024-41810 
Though nvd[1] mentions commit[2] as part of the fix for CVE-2024-41671, but
it is actually a fix[3] for CVE-2024-41810.

Rename patch files accordingly.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-41671
[2] https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33
[3] https://nvd.nist.gov/vuln/detail/CVE-2024-41810

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
 2026-01-26 10:04:49 +05:30
Soumya Sambu 1235dd4ed4 python3-twisted: Fix CVE-2024-41671 
Twisted is an event-based framework for internet applications, supporting
Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process
pipelined HTTP requests out-of-order, possibly resulting in information
disclosure. This vulnerability is fixed in 24.7.0rc1.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-41671

Upstream-patches:
https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33
https://github.com/twisted/twisted/commit/4a930de12fb67e88fefcb8822104152f42b27abc

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-08-25 15:15:10 -04:00
Guðni Már Gilbert 4d17537719 python3-twisted: remove obsolete python3-twisted-flow 
The flow module was removed in Twisted 9.0.0 a long time
and currently does not install anything. Let's remove it
to cleanup the recipe.

This commit also removes python3-twisted-news package because
the source files were removed in Twisted 21.2.0. All other
files which no longer exist in the source are also removed from FILES.

Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-17 09:01:41 -04:00
Guðni Már Gilbert 3a0c50ec5e python3-twisted: prepend split PACKAGES 
Fixes an issue where split packages were no populated since all the files
were picked up by FILES:${PN}

Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
 2024-06-17 09:01:27 -04:00
Guðni Már Gilbert a57eea75cd python3-twisted: upgrade 22.10.0 -> 24.3.0 
Changelogs between 22.10.0 and 24.3.0 can be found here:

https://github.com/twisted/twisted/releases/tag/twisted-24.3.0
https://github.com/twisted/twisted/releases/tag/twisted-23.10.0
https://github.com/twisted/twisted/releases/tag/twisted-23.8.0

Summary of changes relevant for the Yocto build:
- Brings official support for Python 3.11 and 3.12, only Python 3.8 and above supported.
- python3-twisted-conch: python3-pyasn1 is no longer a runtime dependency (23.8.0)
- build backend changed from setuptools.build_meta to hatchling.build

Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2024-04-30 10:59:07 -07:00