diff options
author | Haiqing Bai <Haiqing.Bai@windriver.com> | 2021-02-04 11:27:43 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2021-02-04 22:43:54 -0800 |
commit | 55f71e0a18f3fcea14b4ee6ac526cf391632a7f6 (patch) | |
tree | 931aa5e03219bf28e07ea4b8cb94cd507b1acb77 /meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb | |
parent | b1de50b2fcbe43cf10508cece48f229e18009cd0 (diff) | |
download | meta-openembedded-contrib-55f71e0a18f3fcea14b4ee6ac526cf391632a7f6.tar.gz |
python-urllib3/python3-urllib3: fix CVE-2020-7212
Optimize _encode_invalid_chars for a denial of service (CPU consumption)
CVE: CVE-2020-7212
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com>
[Add CVE: CVE-2020-7212 to the patch itself]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb')
-rw-r--r-- | meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb b/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb index 34c15b6c24..8d987a1f30 100644 --- a/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb +++ b/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb @@ -8,6 +8,8 @@ SRC_URI[sha256sum] = "f3c5fd51747d450d4dcf6f923c81f78f811aab8205fda64b0aba34a4e4 inherit pypi setuptools3 +SRC_URI += "file://CVE-2020-7212.patch" + RDEPENDS_${PN} += "\ ${PYTHON_PN}-certifi \ ${PYTHON_PN}-cryptography \ |