linux/meta-openembedded.git/meta-python/recipes-devtools/python/python3-urllib3, branch dunfell
Mirror of git.openembedded.org/meta-openembedded
https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=dunfell
2022-04-18T14:37:42+00:00
python3-urllib3: Fix CVE-2020-26137 and CVE-2021-33503
2022-04-18T14:37:42+00:00
Ranjitsinh Rathod
ranjitsinh.rathod@kpit.com
2022-04-08T09:57:49+00:00
urn:sha1:dbf01a10e27d91f55c215156d97c62096d22d56a
Add patch to fix CVE-2020-26137
Link: https://ubuntu.com/security/CVE-2020-26137
Link: https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b.patch
Add patch to fix CVE-2021-33503
Link: https://ubuntu.com/security/CVE-2021-33503
Link: https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec.patch
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
python-urllib3/python3-urllib3: fix CVE-2020-7212
2021-02-05T06:43:54+00:00
Haiqing Bai
Haiqing.Bai@windriver.com
2021-02-04T05:57:43+00:00
urn:sha1:55f71e0a18f3fcea14b4ee6ac526cf391632a7f6
Optimize _encode_invalid_chars for a denial of service (CPU consumption)
CVE: CVE-2020-7212
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Harpritkaur Bhandari <Harpritkaur.Bhandari@kpit.com>
[Add CVE: CVE-2020-7212 to the patch itself]
Signed-off-by: Armin Kuster <akuster808@gmail.com>