| Message ID | 20250425093246.1951085-1-leon.anavi@konsulko.com |
|---|---|
| State | Under Review |
| Headers | show |
| Series | [meta-python,1/2] python3-h11: Upgrade 0.14.0 -> 0.16.0 | expand |
diff --git a/meta-python/recipes-devtools/python/python3-h11_0.14.0.bb b/meta-python/recipes-devtools/python/python3-h11_0.16.0.bb similarity index 76% rename from meta-python/recipes-devtools/python/python3-h11_0.14.0.bb rename to meta-python/recipes-devtools/python/python3-h11_0.16.0.bb index 2bddefa3f0..a47e6ab61e 100644 --- a/meta-python/recipes-devtools/python/python3-h11_0.14.0.bb +++ b/meta-python/recipes-devtools/python/python3-h11_0.16.0.bb @@ -5,6 +5,6 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=f5501d19c3116f4aaeef89369f458693" inherit pypi setuptools3 -SRC_URI[sha256sum] = "8f19fbbe99e72420ff35c00b27a34cb9937e902a8b810e2c88300c6f0a3b699d" +SRC_URI[sha256sum] = "4e35b956cf45792e4caa5885e69fba00bdbc6ffafbfa020300e549b208ee5ff1" RDEPENDS:${PN} += "python3-profile"
Upgrade to release 0.16.0: - Reject certain malformed Transfer-Encoding: chunked bodies that were previously accepted. These could have enabled request-smuggling attacks when an h11-based HTTP server was placed behind a load balancer with a matching bug in its chunked handling. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> --- .../python/{python3-h11_0.14.0.bb => python3-h11_0.16.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-h11_0.14.0.bb => python3-h11_0.16.0.bb} (76%)