python-urllib3/python3-urllib3: fix CVE-2020-7212

Optimize _encode_invalid_chars for a denial of service (CPU consumption) CVE: CVE-2020-7212 Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com> [Add CVE: CVE-2020-7212 to the patch itself] Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Haiqing Bai <Haiqing.Bai@windriver.com> 2021-02-04 11:27:43 +0530
committer: Armin Kuster <akuster808@gmail.com> 2021-02-04 22:43:54 -0800
commit: 55f71e0a18f3fcea14b4ee6ac526cf391632a7f6 (patch)
tree: 931aa5e03219bf28e07ea4b8cb94cd507b1acb77 /meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb
parent: b1de50b2fcbe43cf10508cece48f229e18009cd0 (diff)
download: meta-openembedded-contrib-55f71e0a18f3fcea14b4ee6ac526cf391632a7f6.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb b/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb
index 34c15b6c24..8d987a1f30 100644
--- a/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb
+++ b/meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb
@@ -8,6 +8,8 @@ SRC_URI[sha256sum] = "f3c5fd51747d450d4dcf6f923c81f78f811aab8205fda64b0aba34a4e4
 
 inherit pypi setuptools3
 
+SRC_URI += "file://CVE-2020-7212.patch"
+
 RDEPENDS_${PN} += "\
     ${PYTHON_PN}-certifi \
     ${PYTHON_PN}-cryptography \
author	Haiqing Bai <Haiqing.Bai@windriver.com>	2021-02-04 11:27:43 +0530
committer	Armin Kuster <akuster808@gmail.com>	2021-02-04 22:43:54 -0800
commit	55f71e0a18f3fcea14b4ee6ac526cf391632a7f6 (patch)
tree	931aa5e03219bf28e07ea4b8cb94cd507b1acb77 /meta-python/recipes-devtools/python/python3-urllib3_1.25.7.bb
parent	b1de50b2fcbe43cf10508cece48f229e18009cd0 (diff)
download	meta-openembedded-contrib-55f71e0a18f3fcea14b4ee6ac526cf391632a7f6.tar.gz