linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

	Commit message (Collapse)	Author	Age	Files	Lines
*	python3-waitress: set CVE_PRODUCT	Gyorgy Sarvari	13 days	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The CVEs for this recipes are tracked using the agendaless:waitress CPE, which doesn't match the default python:waitress CPE, making the cve-checker miss relevant CVEs. See CVE db query: sqlite> select * from products where PRODUCT like 'waitress'; CVE-2019-16785\|agendaless\|waitress\|\|\|1.3.1\|<= CVE-2019-16786\|agendaless\|waitress\|\|\|1.3.1\|< CVE-2019-16789\|agendaless\|waitress\|\|\|1.4.0\|<= CVE-2019-16792\|agendaless\|waitress\|\|\|1.3.1\|<= CVE-2020-5236\|agendaless\|waitress\|1.4.2\|=\|\| CVE-2022-24761\|agendaless\|waitress\|\|\|2.1.1\|< CVE-2022-31015\|agendaless\|waitress\|2.1.0\|>=\|2.1.2\|< CVE-2024-49768\|agendaless\|waitress\|2.0.0\|>=\|3.0.1\|< CVE-2024-49769\|agendaless\|waitress\|\|\|3.0.1\|< Set CVE_PRODUCT accordingly. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
*	python3-waitress: Upgrade 3.0.0 -> 3.0.2	Leon Anavi	2024-11-29	1	-0/+15
	Upgrade to version 3.0.2: - When using Waitress to process trusted proxy headers, Waitress will now update the headers to drop any untrusted values, thereby making sure that WSGI apps only get trusted and validated values that Waitress itself used to update the environ. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>