mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-27 12:01:38 +01:00
1bd2effd23
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-49769 Pick the patch that is referenced in the NVD report (which is a merge commit. The patches here are the individual patches from that merge). Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
28 lines
999 B
Diff
28 lines
999 B
Diff
From fdabcb31093507f50fcaeb46012ec8df8bf76359 Mon Sep 17 00:00:00 2001
|
|
From: Delta Regeer <bertjw@regeer.org>
|
|
Date: Sun, 3 Mar 2024 16:15:51 -0700
|
|
Subject: [PATCH] HTTPChannel is always created from accept, explicitly set
|
|
self.connected to True
|
|
|
|
CVE: CVE-2024-49769
|
|
Upstream-Status: Backport [https://github.com/Pylons/waitress/commit/03cc640fe7106902899f82115c26e37002bca7f1]
|
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
|
---
|
|
src/waitress/channel.py | 3 +--
|
|
1 file changed, 1 insertion(+), 2 deletions(-)
|
|
|
|
diff --git a/src/waitress/channel.py b/src/waitress/channel.py
|
|
index 756adce..cf19ef2 100644
|
|
--- a/src/waitress/channel.py
|
|
+++ b/src/waitress/channel.py
|
|
@@ -67,8 +67,7 @@ class HTTPChannel(wasyncore.dispatcher):
|
|
self.outbuf_lock = threading.Condition()
|
|
|
|
wasyncore.dispatcher.__init__(self, sock, map=map)
|
|
-
|
|
- # Don't let wasyncore.dispatcher throttle self.addr on us.
|
|
+ self.connected = True
|
|
self.addr = addr
|
|
self.requests = []
|
|
|