linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

	Commit message (Collapse)	Author	Age	Files	Lines
*	python3-aiohttp: mark fixed CVEs are patched	Gyorgy Sarvari	10 days	1	-0/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	All these CVEs have been fixed already, the relevant NVD reports mention it explicitly that 3.13.4 is fixed, along with referencing the commit that fixes the respective vulnerabilities. However each of these are tracked without version info by NVD -.- Due to this, mark them explicitly as patched. Relevant reports: https://nvd.nist.gov/vuln/detail/CVE-2026-22815 https://nvd.nist.gov/vuln/detail/CVE-2026-34513 https://nvd.nist.gov/vuln/detail/CVE-2026-34514 https://nvd.nist.gov/vuln/detail/CVE-2026-34515 https://nvd.nist.gov/vuln/detail/CVE-2026-34516 https://nvd.nist.gov/vuln/detail/CVE-2026-34517 https://nvd.nist.gov/vuln/detail/CVE-2026-34518 https://nvd.nist.gov/vuln/detail/CVE-2026-34519 https://nvd.nist.gov/vuln/detail/CVE-2026-34520 https://nvd.nist.gov/vuln/detail/CVE-2026-34525 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
*	python3-aiohttp: upgrade 3.13.4 -> 3.13.5	Gyorgy Sarvari	10 days	1	-0/+32
	Changelog: Skipped the duplicate singleton header check in lax mode (the default for response parsing). In strict mode (request parsing, or -X dev), all RFC 9110 singletons are still enforced. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>