summaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python3-werkzeug_3.1.4.bb
Commit message (Collapse)AuthorAgeFilesLines
* python3-werkzeug: set CVE_PRODUCTGyorgy Sarvari2025-12-311-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The relevant CVEs are tracked using palletsprojects:werkzeug CPE, which makes the the default python:werkzeug CPE to not match anything. See CVE db query: sqlite> select * from products where PRODUCT like 'werkzeug'; CVE-2016-10516|palletsprojects|werkzeug|||0.11.11|< CVE-2019-14322|palletsprojects|werkzeug|||0.15.5|< CVE-2019-14806|palletsprojects|werkzeug|||0.15.3|< CVE-2020-28724|palletsprojects|werkzeug|||0.11.6|< CVE-2022-29361|palletsprojects|werkzeug|||2.1.0|<= CVE-2023-23934|palletsprojects|werkzeug|||2.2.3|< CVE-2023-25577|palletsprojects|werkzeug|||2.2.3|< CVE-2023-46136|palletsprojects|werkzeug|||2.3.8|< CVE-2023-46136|palletsprojects|werkzeug|3.0.0|=|| CVE-2024-34069|palletsprojects|werkzeug|||3.0.3|< CVE-2024-49766|palletsprojects|werkzeug|||3.0.6|< CVE-2024-49767|palletsprojects|werkzeug|||3.0.6|< CVE-2025-66221|palletsprojects|werkzeug|||3.1.4|< Set the CVE_PRODUCT so it matches the relevant entries. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-werkzeug: upgrade 3.1.3 -> 3.1.4Wang Mingyu2025-12-021-0/+24
Changelog: ============== - safe_join on Windows does not allow special device names. This prevents reading from these when using send_from_directory. secure_filename already prevented writing to these. - The debugger pin fails after 10 attempts instead of 11. - The multipart form parser handles a \r\n sequence at a chunk boundary. - Improve CPU usage during Watchdog reloader. - Request.json annotation is more accurate. - Traceback rendering handles when the line number is beyond the available source lines. - HTTPException.get_response annotation and doc better conveys the distinction between WSGI and sans-IO responses. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-01-19 10:02:36 +0000