helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 10:59:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
meta-openembedded/meta-python/recipes-devtools/python/python3-waitress_3.0.2.bb
Gyorgy Sarvari eb50cc82be
python3-waitress: upgrade 3.0.0 -> 3.0.2 
Contains fixes for CVE-2024-49768 and CVE-2024-49769

Changelog:
3.0.1:
- Python 3.8 is no longer supported.
- Added support for Python 3.13.
- Fix a bug that would lead to Waitress busy looping on select() on a half-open
  socket due to a race condition that existed when creating a new HTTPChannel.
- No longer strip the header values before passing them to the WSGI environ.
- Fix a race condition in Waitress when `channel_request_lookahead` is enabled
  that could lead to HTTP request smuggling.

3.0.2:
- When using Waitress to process trusted proxy headers, Waitress will now
  update the headers to drop any untrusted values, thereby making sure that
  WSGI apps only get trusted and validated values that Waitress itself used to
  update the environ.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-01-26 10:04:46 +05:30

16 lines
515 B
BlitzBasic
Raw Blame History

SUMMARY = "A WSGI server for Python"
DESCRIPTION = "Waitress is meant to be a production-quality pure-Python WSGI \
server with very acceptable performance."
HOMEPAGE = "https://github.com/Pylons/waitress"
SECTION = "devel/python"
LICENSE = "ZPL-2.1"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=78ccb3640dc841e1baecb3e27a6966b2"
RDEPENDS:${PN} += " \
python3-logging \
"
SRC_URI[sha256sum] = "682aaaf2af0c44ada4abfb70ded36393f0e307f4ab9456a215ce0020baefc31f"
inherit python_setuptools_build_meta pypi
Reference in New Issue View Git Blame Copy Permalink