diff options
| author |   Pierre-Jean Texier <pjtexier@koncepto.io> | 2020-04-12 17:03:31 +0200 |
|---|---|---|
| committer |   Khem Raj <raj.khem@gmail.com> | 2020-04-12 22:57:22 -0700 |
| commit | 6218b1b8dadffa20c079e98ae2166fe95b4870f2 (patch) | |
| tree | bcfa3239708ed2cdaf0c983056b5a8921073d8ab /meta-python/recipes-devtools | |
| parent | e6bdd891342e550d20cf3f8a99c75918b071015c (diff) | |
| download | meta-openembedded-contrib-6218b1b8dadffa20c079e98ae2166fe95b4870f2.tar.gz | |
python3-waitress: upgrade 1.4.2 -> 1.4.3
This is a security release:
- In Waitress version 1.4.2 a new regular expression was added to validate the
headers that Waitress receives to make sure that it matches RFC7230.
Unfortunately the regular expression was written in a way that with invalid
input it leads to catastrophic backtracking which allows for a Denial of
Service and CPU usage going to a 100%.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools')
| -rw-r--r-- | meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb (renamed from meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb) | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb b/meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb index 257993f8fb1..8ac3e928ead 100644 --- a/meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb +++ b/meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb @@ -6,7 +6,7 @@ SECTION = "devel/python" LICENSE = "ZPL-2.1" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=78ccb3640dc841e1baecb3e27a6966b2" -SRC_URI[md5sum] = "fdeed7ec32bbba011e90801208378c89" -SRC_URI[sha256sum] = "67a60a376f0eb335ed88967c42b73983a58d66a2a72eb9009a42725f7453b142" +SRC_URI[md5sum] = "4bffad7009d3824ae61ea6c0696e45f6" +SRC_URI[sha256sum] = "045b3efc3d97c93362173ab1dfc159b52cfa22b46c3334ffc805dbdbf0e4309e" inherit setuptools3 pypi |