mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-10 17:59:32 +00:00
Code Issues Projects Releases Wiki Activity
Files
c5558d6e86b3445ede75d58decc9aa1fe5ff40fc
poky/meta/recipes-devtools/python/python3-setuptools
T
History
Narpat Mali 92b150b9f3 python3-setuptools: fix for CVE-2022-40897 
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers
to cause a denial of service via HTML in a crafted package or custom PackageIndex
page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.

CVE: CVE-2022-40897

Upstream-Status: Backport [https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be]

(From OE-Core rev: f574d8d57ff3fbc38e350e7a90913993081c4fdf)

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
..
0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch
python3-setuptools: update 58.5.3 -> 59.2.0
2021-11-25 21:55:10 +00:00
0001-change-shebang-to-python3.patch
0001-Limit-the-amount-of-whitespace-to-search-backtrack.-.patch
python3-setuptools: fix for CVE-2022-40897
2023-01-26 23:37:05 +00:00