mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-13 03:41:43 +00:00
420acd8735
sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of Service (DoS). This issues has been fixed in sqlparse 0.4.4 by commit `c457abd5f`. Users are advised to upgrade. There are no known workarounds for this issue. Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
30 lines
759 B
BlitzBasic
30 lines
759 B
BlitzBasic
DESCRIPTION = "Non-validating SQL parser module"
|
|
HOMEPAGE = "http://pypi.python.org/pypi/sqlparse"
|
|
SECTION = "devel/python"
|
|
LICENSE = "BSD-3-Clause"
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=2b136f573f5386001ea3b7b9016222fc"
|
|
|
|
SRC_URI += "file://0001-sqlparse-change-shebang-to-python3.patch \
|
|
file://run-ptest \
|
|
file://CVE-2023-30608.patch \
|
|
"
|
|
|
|
SRC_URI[sha256sum] = "0c00730c74263a94e5a9919ade150dfc3b19c574389985446148402998287dae"
|
|
|
|
export BUILD_SYS
|
|
export HOST_SYS
|
|
|
|
inherit pypi ptest setuptools3
|
|
|
|
RDEPENDS:${PN}-ptest += " \
|
|
${PYTHON_PN}-pytest \
|
|
${PYTHON_PN}-unixadmin \
|
|
"
|
|
|
|
do_install_ptest() {
|
|
install -d ${D}${PTEST_PATH}/tests
|
|
cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/
|
|
}
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|