meta-openembedded

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-27 12:01:38 +01:00

History

Soumya Sambu 5c4b61d38a python3-twisted: Fix CVE-2024-41671 Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1. References: https://nvd.nist.gov/vuln/detail/CVE-2024-41671 https://ubuntu.com/security/CVE-2024-41671 Upstream patches: `f1cb4e616e` `ef2c755e9e` Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2025-05-25 14:48:44 -04:00
..
CVE-2024-41671-0001.patch	python3-twisted: Fix CVE-2024-41671	2025-05-25 14:48:44 -04:00
CVE-2024-41671-0002.patch	python3-twisted: Fix CVE-2024-41671	2025-05-25 14:48:44 -04:00

Soumya Sambu 5c4b61d38a python3-twisted: Fix CVE-2024-41671

Twisted is an event-based framework for internet applications, supporting Python 3.6+.
The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP
requests out-of-order, possibly resulting in information disclosure. This vulnerability
is fixed in 24.7.0rc1.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-41671
https://ubuntu.com/security/CVE-2024-41671

Upstream patches:
f1cb4e616e
ef2c755e9e

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2025-05-25 14:48:44 -04:00

CVE-2024-41671-0001.patch python3-twisted: Fix CVE-2024-41671 2025-05-25 14:48:44 -04:00

CVE-2024-41671-0002.patch python3-twisted: Fix CVE-2024-41671 2025-05-25 14:48:44 -04:00