mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-17 14:56:25 +00:00
5cae540dd4
Contains fix for CVE-2026-21860 Changelog: - safe_join on Windows does not allow more special device names, regardless of extension or surrounding spaces. - The multipart form parser handles a \r\n sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. - Fix AttributeError when initializing DebuggedApplication with pin_security=False. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit ecf359d2562795ca8de18f12f117cd654c30965e) From the release notes: This is the Werkzeug 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
25 lines
926 B
BlitzBasic
25 lines
926 B
BlitzBasic
SUMMARY = "The comprehensive WSGI web application library"
|
|
DESCRIPTION = "\
|
|
Werkzeug started as simple collection of various utilities for WSGI \
|
|
applications and has become one of the most advanced WSGI utility modules. \
|
|
It includes a powerful debugger, full featured request and response objects, \
|
|
HTTP utilities to handle entity tags, cache control headers, HTTP dates, \
|
|
cookie handling, file uploads, a powerful URL routing system and a bunch \
|
|
of community contributed addon modules."
|
|
HOMEPAGE = "https://werkzeug.palletsprojects.com"
|
|
LICENSE = "BSD-3-Clause"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462"
|
|
|
|
SRC_URI[sha256sum] = "6a548b0e88955dd07ccb25539d7d0cc97417ee9e179677d22c7041c8f078ce67"
|
|
|
|
inherit pypi python_flit_core
|
|
|
|
RDEPENDS:${PN} += " \
|
|
python3-markupsafe \
|
|
python3-logging \
|
|
python3-profile \
|
|
python3-compression \
|
|
python3-json \
|
|
python3-difflib \
|
|
"
|