diff options
| author | Narpat Mali <narpat.mali@windriver.com> | 2023-10-06 14:13:49 +0000 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2023-10-17 08:44:46 -0400 |
| commit | 6432fee6d04bec8573f1afcc5a9301899d05ac0f (patch) | |
| tree | c021422e1365712a1db92e1006a7e26127768578 /meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb | |
| parent | e2b534cc3a9f178b909c1e15c4b5919c7c0395db (diff) | |
| download | meta-openembedded-6432fee6d04bec8573f1afcc5a9301899d05ac0f.tar.gz | |
python3-gevent: fix CVE-2023-41419
An issue in Gevent Gevent before version 23.9.1 allows a remote attacker
to escalate privileges via a crafted script to the WSGIServer component.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-41419
https://github.com/advisories/GHSA-x7m3-jprg-wc5g
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb')
| -rw-r--r-- | meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb b/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb index 9efeec4d9f..fd6b0f531a 100644 --- a/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb +++ b/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb | |||
| @@ -13,6 +13,8 @@ RDEPENDS:${PN} = "${PYTHON_PN}-greenlet \ | |||
| 13 | 13 | ||
| 14 | SRC_URI[sha256sum] = "f48b64578c367b91fa793bf8eaaaf4995cb93c8bc45860e473bf868070ad094e" | 14 | SRC_URI[sha256sum] = "f48b64578c367b91fa793bf8eaaaf4995cb93c8bc45860e473bf868070ad094e" |
| 15 | 15 | ||
| 16 | SRC_URI += "file://CVE-2023-41419.patch" | ||
| 17 | |||
| 16 | inherit pypi setuptools3 | 18 | inherit pypi setuptools3 |
| 17 | 19 | ||
| 18 | # Don't embed libraries, link to the system instead | 20 | # Don't embed libraries, link to the system instead |