Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=mickledore-net 2020-06-11T03:56:11+00:00 2020-06-11T03:56:11+00:00 Leon Anavi leon.anavi@konsulko.com 2020-06-09T11:10:47+00:00 urn:sha1:c7f63a9758632c0641159251a6901fdaca8d506d Upgrade to release 1.4.4. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2020-04-13T05:57:22+00:00 Pierre-Jean Texier pjtexier@koncepto.io 2020-04-12T15:03:31+00:00 urn:sha1:6218b1b8dadffa20c079e98ae2166fe95b4870f2 This is a security release: - In Waitress version 1.4.2 a new regular expression was added to validate the headers that Waitress receives to make sure that it matches RFC7230. Unfortunately the regular expression was written in a way that with invalid input it leads to catastrophic backtracking which allows for a Denial of Service and CPU usage going to a 100%. Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>