meta-openembedded

MIRRORS/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-07-19 15:29:08 +02:00

Commit Graph

Author	SHA1	Message	Date
Pierre-Jean Texier	6218b1b8da	python3-waitress: upgrade 1.4.2 -> 1.4.3 This is a security release: - In Waitress version 1.4.2 a new regular expression was added to validate the headers that Waitress receives to make sure that it matches RFC7230. Unfortunately the regular expression was written in a way that with invalid input it leads to catastrophic backtracking which allows for a Denial of Service and CPU usage going to a 100%. Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>	2020-04-12 22:57:22 -07:00

Author

SHA1

Message

Date

Pierre-Jean Texier

6218b1b8da

python3-waitress: upgrade 1.4.2 -> 1.4.3

This is a security release:

 - In Waitress version 1.4.2 a new regular expression was added to validate the
   headers that Waitress receives to make sure that it matches RFC7230.
   Unfortunately the regular expression was written in a way that with invalid
   input it leads to catastrophic backtracking which allows for a Denial of
   Service and CPU usage going to a 100%.

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

2020-04-12 22:57:22 -07:00

1 Commits