mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-27 12:01:38 +01:00
0e149e4591
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-28370 The NVD advisory mentions that the vulnerability was fixed in v6.3.2. I checked the commits in that tag, and picked the only one that's commit message described the same vulnerability as the NVD report. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
30 lines
1.3 KiB
BlitzBasic
30 lines
1.3 KiB
BlitzBasic
SUMMARY = "Tornado is an open source version of the scalable, non-blocking web server and tools that power FriendFeed."
|
|
DESCRIPTION = "Tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed. \
|
|
By using non-blocking network I/O, Tornado can scale to tens of thousands of open connections, making it ideal for long \
|
|
polling, WebSockets, and other applications that require a long-lived connection to each user."
|
|
HOMEPAGE = "http://www.tornadoweb.org/en/stable/"
|
|
LICENSE = "Apache-2.0"
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
|
|
|
|
SRC_URI += "file://CVE-2023-28370.patch"
|
|
SRC_URI[md5sum] = "f324f5e7607798552359d6ab054c4321"
|
|
SRC_URI[sha256sum] = "33c6e81d7bd55b468d2e793517c909b139960b6c790a60b7991b9b6b76fb9791"
|
|
|
|
inherit pypi setuptools3
|
|
|
|
# Requires _compression which is currently located in misc
|
|
RDEPENDS:${PN} += "${PYTHON_PN}-compression ${PYTHON_PN}-numbers ${PYTHON_PN}-email \
|
|
${PYTHON_PN}-pkgutil ${PYTHON_PN}-html ${PYTHON_PN}-json ${PYTHON_PN}-certifi ${PYTHON_PN}-threading \
|
|
${PYTHON_PN}-ctypes ${PYTHON_PN}-misc"
|
|
|
|
RDEPENDS:${PN}-test += "${PN} ${PYTHON_PN}-unittest"
|
|
|
|
PACKAGES =+ "\
|
|
${PN}-test \
|
|
"
|
|
|
|
FILES:${PN}-test = " \
|
|
${libdir}/${PYTHON_DIR}/site-packages/*/test \
|
|
${libdir}/${PYTHON_DIR}/site-packages/*/testing.py* \
|
|
"
|