mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-01-27 12:01:38 +01:00
e330e3508d
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-49766 https://nvd.nist.gov/vuln/detail/CVE-2025-66221 Both vulnerabilities affect Windows only - ignore them. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
49 lines
1.5 KiB
BlitzBasic
49 lines
1.5 KiB
BlitzBasic
SUMMARY = "The Swiss Army knife of Python web development"
|
|
DESCRIPTION = "\
|
|
Werkzeug started as simple collection of various utilities for WSGI \
|
|
applications and has become one of the most advanced WSGI utility modules. \
|
|
It includes a powerful debugger, full featured request and response objects, \
|
|
HTTP utilities to handle entity tags, cache control headers, HTTP dates, \
|
|
cookie handling, file uploads, a powerful URL routing system and a bunch \
|
|
of community contributed addon modules."
|
|
HOMEPAGE = "http://werkzeug.pocoo.org/"
|
|
LICENSE = "BSD-3-Clause"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462"
|
|
|
|
PYPI_PACKAGE = "Werkzeug"
|
|
|
|
SRC_URI += "file://CVE-2023-25577.patch \
|
|
file://CVE-2023-23934.patch \
|
|
file://CVE-2024-34069-0001.patch \
|
|
file://CVE-2024-34069-0002.patch \
|
|
file://CVE-2024-49767.patch"
|
|
|
|
SRC_URI[sha256sum] = "f8e89a20aeabbe8a893c24a461d3ee5dad2123b05cc6abd73ceed01d39c3ae74"
|
|
|
|
inherit pypi setuptools3
|
|
|
|
CLEANBROKEN = "1"
|
|
|
|
RDEPENDS:${PN} += " \
|
|
${PYTHON_PN}-datetime \
|
|
${PYTHON_PN}-difflib \
|
|
${PYTHON_PN}-email \
|
|
${PYTHON_PN}-html \
|
|
${PYTHON_PN}-io \
|
|
${PYTHON_PN}-json \
|
|
${PYTHON_PN}-logging \
|
|
${PYTHON_PN}-netclient \
|
|
${PYTHON_PN}-netserver \
|
|
${PYTHON_PN}-numbers \
|
|
${PYTHON_PN}-pkgutil \
|
|
${PYTHON_PN}-pprint \
|
|
${PYTHON_PN}-simplejson \
|
|
${PYTHON_PN}-threading \
|
|
${PYTHON_PN}-unixadmin \
|
|
${PYTHON_PN}-misc \
|
|
${PYTHON_PN}-profile \
|
|
"
|
|
|
|
# Windows-only vulnerabilities
|
|
CVE_CHECK_IGNORE = "CVE-2024-49766 CVE-2025-66221"
|