mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-04-20 11:38:34 +00:00
Code Issues Projects Releases Wiki Activity
23,528 Commits 63 Branches 0 Tags
c59e8e9dbcec838eb7699f40a1768bbe7adb3288
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Soumya Sambu c59e8e9dbc python3-werkzeug: Fix CVE-2024-49767 
Werkzeug is a Web Server Gateway Interface web application library. Applications
using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug
prior to 3.0.6 to parse `multipart/form-data` requests (e.g. all flask applications)
are vulnerable to a relatively simple but effective resource exhaustion (denial of
service) attack. A specifically crafted form submission request can cause the parser
to allocate and block 3 to 8 times the upload size in main memory. There is no upper
limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds.
Werkzeug version 3.0.6 fixes this issue.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-49767

Upstream-patch:
8760275afb

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-12-31 09:04:08 -05:00
contrib
pw-am.sh: update to new patcwork system
2022-02-28 08:39:26 -08:00
meta-filesystems
ntfs-3g-ntfsprogs: fix CVE-2023-52890
2024-12-08 15:02:11 -05:00
meta-gnome
libgsf: Upgrade 1.14.49 -> 1.14.53
2024-12-08 15:04:56 -05:00
meta-initramfs
grubby: Update branchname to match upstream
2023-11-03 10:49:37 -04:00
meta-multimedia
packagegroup-meta-multimedia: restore x11 restriction for projucer
2023-11-03 10:51:09 -04:00
meta-networking
mosquitto: upgrade 2.0.19 -> 2.0.20
2024-12-31 08:59:59 -05:00
meta-oe
asio: Add ptest support
2024-12-31 09:02:31 -05:00
meta-perl
meta-perl: Drop broken BBCLASSEXTEND variants
2023-11-17 10:48:51 -05:00
meta-python
python3-werkzeug: Fix CVE-2024-49767
2024-12-31 09:04:08 -05:00
meta-webserver
apache2: Upgrade 2.4.60 -> 2.4.62
2024-12-08 14:39:17 -05:00
meta-xfce
xfce4-panel-profiles:fix tar error
2024-07-17 20:10:27 -04:00
.gitignore
.gitignore: add *.pyc and *.pyo
2019-06-15 16:45:33 -07:00
COPYING.MIT
add README and license for this layer
2011-02-13 16:47:32 +01:00
README
meta-openemnedded: Add myself as kirkstone maintainer
2022-04-23 17:14:31 -07:00

README 

Collection of layers for the OE-core universe

Main layer maintainer: Armin Kuster <akuster808@gmail.com>

This repository is a collection of layers to suppliment OE-Core
with additional packages, Each layer have designated maintainer
Please see the respective READMEs in the layer subdirectories
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 110 MiB
Languages
BitBake 85%
Shell 6.2%
C 3%
Roff 2.2%
NASL 1.9%
Other 1.5%