mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-04-02 10:59:19 +00:00
9bc066079f
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-69230 Backport the patch referenced by the NVD advisory. The tests were only partially backported, as the original patch touched some tests that don't exist in this version. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
35 lines
1.1 KiB
BlitzBasic
35 lines
1.1 KiB
BlitzBasic
SUMMARY = "Async http client/server framework"
|
|
DESCRIPTION = "Asynchronous HTTP client/server framework for asyncio and Python"
|
|
HOMEPAGE = "https://github.com/aio-libs/aiohttp"
|
|
LICENSE = "Apache-2.0"
|
|
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=748073912af33aa59430d3702aa32d41"
|
|
|
|
SRC_URI += "file://CVE-2025-69224.patch \
|
|
file://CVE-2025-69225.patch \
|
|
file://CVE-2025-69226.patch \
|
|
file://CVE-2025-69227.patch \
|
|
file://CVE-2025-69228.patch \
|
|
file://CVE-2025-69229-1.patch \
|
|
file://CVE-2025-69229-2.patch \
|
|
file://CVE-2025-69230.patch \
|
|
"
|
|
SRC_URI[sha256sum] = "4fc61385e9c98d72fcdf47e6dd81833f47b2f77c114c29cd64a361be57a763a2"
|
|
|
|
inherit python_setuptools_build_meta pypi
|
|
|
|
DEPENDS = "python3-pkgconfig-native"
|
|
|
|
RDEPENDS:${PN} = "\
|
|
python3-aiohappyeyeballs \
|
|
python3-aiosignal \
|
|
python3-async-timeout \
|
|
python3-attrs \
|
|
python3-frozenlist \
|
|
python3-misc \
|
|
python3-multidict \
|
|
python3-yarl \
|
|
python3-aiodns \
|
|
"
|
|
|
|
CFLAGS:append:toolchain-gcc:arm = " -flax-vector-conversions"
|