diff options
author | Narpat Mali <narpat.mali@windriver.com> | 2022-11-10 22:18:06 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-11-20 08:19:17 +0000 |
commit | 848be11a4390bd39323c9feaf2fe880e2b41f99c (patch) | |
tree | 0168669551a6bfecc3171390b4bf830a1a3442b9 /meta/recipes-kernel/lttng/lttng-modules | |
parent | 52e9ab5da1f445266c94b0c6432ddc2747fdc2c0 (diff) | |
download | poky-848be11a4390bd39323c9feaf2fe880e2b41f99c.tar.gz |
python3-mako: backport fix for CVE-2022-40023
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service
when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-40023
Reference to Upstream Patch:
https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c
(From OE-Core rev: 34727812b54fd52f85806f4f95702286d551b5fd)
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-kernel/lttng/lttng-modules')
0 files changed, 0 insertions, 0 deletions