mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-10 05:49:28 +00:00
Code Issues Projects Releases Wiki Activity
Files
f1de33df8b920c4a48e28797d83b152a7cb0c1c6
poky/meta/recipes-devtools/python/python3-mako
T
History
Narpat Mali 848be11a43 python3-mako: backport fix for CVE-2022-40023 
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service
when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-40023

Reference to Upstream Patch:
https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c

(From OE-Core rev: 34727812b54fd52f85806f4f95702286d551b5fd)

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-11-20 08:19:17 +00:00
..
CVE-2022-40023.patch