mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
23,528 Commits 64 Branches 0 Tags
c59e8e9dbcec838eb7699f40a1768bbe7adb3288
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Soumya Sambu c59e8e9dbc python3-werkzeug: Fix CVE-2024-49767 
Werkzeug is a Web Server Gateway Interface web application library. Applications
using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug
prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications)
are vulnerable to a relatively simple but effective resource exhaustion (denial of
service) attack. A specifically crafted form submission request can cause the parser
to allocate and block 3 to 8 times the upload size in main memory. There is no upper
limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds.
Werkzeug version 3.0.6 fixes this issue.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-49767

Upstream-patch:
https://github.com/pallets/werkzeug/commit/8760275afb72bd10b57d92cb4d52abf759b2f3a7

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-12-31 09:04:08 -05:00
contrib
pw-am.sh: update to new patcwork system
2022-02-28 08:39:26 -08:00
meta-filesystems
ntfs-3g-ntfsprogs: fix CVE-2023-52890
2024-12-08 15:02:11 -05:00
meta-gnome
libgsf: Upgrade 1.14.49 -> 1.14.53
2024-12-08 15:04:56 -05:00
meta-initramfs
grubby: Update branchname to match upstream
2023-11-03 10:49:37 -04:00
meta-multimedia
packagegroup-meta-multimedia: restore x11 restriction for projucer
2023-11-03 10:51:09 -04:00
meta-networking
mosquitto: upgrade 2.0.19 -> 2.0.20
2024-12-31 08:59:59 -05:00
meta-oe
asio: Add ptest support
2024-12-31 09:02:31 -05:00
meta-perl
meta-perl: Drop broken BBCLASSEXTEND variants
2023-11-17 10:48:51 -05:00
meta-python
python3-werkzeug: Fix CVE-2024-49767
2024-12-31 09:04:08 -05:00
meta-webserver
apache2: Upgrade 2.4.60 -> 2.4.62
2024-12-08 14:39:17 -05:00
meta-xfce
xfce4-panel-profiles:fix tar error
2024-07-17 20:10:27 -04:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
README
meta-openemnedded: Add myself as kirkstone maintainer
2022-04-23 17:14:31 -07:00

README 

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories
Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 113 MiB
Languages
BitBake 85.5%
Shell 6.1%
C 3%
Roff 2.1%
NASL 1.9%
Other 1.1%