Details: https://nvd.nist.gov/vuln/detail/CVE-2023-28370
The NVD advisory mentions that the vulnerability was fixed
in v6.3.2. I checked the commits in that tag, and picked the
only one that's commit message described the same vulnerability
as the NVD report.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Upgrade to release 6.1:
- Windows support has been improved. Tornado is now compatible
with the proactor event loop (which became the default in Python
3.8) by automatically falling back to running a selector in a
second thread. This means that it is no longer necessary to
explicitly configure a selector event loop, although doing so
may improve performance. This does not change the fact that
Tornado is significantly less scalable on Windows than on other
platforms.
- Binary wheels are now provided for Windows, MacOS, and Linux
(amd64 and arm64).
- This is the last release of Tornado to support Python 3.5.
Future versions will require Python 3.6 or newer
License-Update: Checksum change, lisense remains "Apache-2.0"
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Acked-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
