mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-12 03:24:08 +00:00
9a7a73877e
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-7694
The vulnerability was reported to the project[1], and the commit[2] that
resolved the issue has been part of the project since version 0.11.7.
Mark the CVE as patched due to this.
[1]: https://github.com/Kludex/uvicorn/issues/723
[2]: 895807f94e
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
33 lines
914 B
BlitzBasic
33 lines
914 B
BlitzBasic
SUMMARY = "The lightning-fast ASGI server."
|
|
HOMEPAGE = "https://github.com/encode/uvicorn"
|
|
LICENSE = "BSD-3-Clause"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.md;md5=5c778842f66a649636561c423c0eec2e"
|
|
RECIPE_MAINTAINER = "Tom Geelen <t.f.g.geelen@gmail.com>"
|
|
|
|
SRC_URI[sha256sum] = "839676675e87e73694518b5574fd0f24c9d97b46bea16df7b8c05ea1a51071ea"
|
|
|
|
SRC_URI += "file://0001-ptest-disable-failing-tests.patch"
|
|
|
|
inherit pypi python_hatchling ptest-python-pytest
|
|
|
|
PYPI_PACKAGE = "uvicorn"
|
|
CVE_PRODUCT = "encode:uvicorn"
|
|
CVE_STATUS[CVE-2020-7694] = "fixed-version: The vulnerability has been fixed since 0.11.7"
|
|
|
|
RDEPENDS:${PN} = "\
|
|
python3-click \
|
|
python3-h11 (>=0.8) \
|
|
python3-httptools \
|
|
python3-multiprocessing \
|
|
python3-python-dotenv \
|
|
python3-websockets \
|
|
python3-wsproto \
|
|
"
|
|
|
|
RDEPENDS:${PN}-ptest += "\
|
|
python3-a2wsgi \
|
|
python3-httpx \
|
|
python3-pytest-mock \
|
|
python3-pyyaml \
|
|
"
|