diff mbox series

[meta-python,kirkstone,2/5] python3-eventlet: patch CVE-2025-58068

Message ID 20260113063546.1497839-2-skandigraun@gmail.com
State New
Headers show
Series [meta-python,kirkstone,1/5] python3-eventlet: upgrade 0.33.0 -> 0.33.3 | expand

Commit Message

Gyorgy Sarvari Jan. 13, 2026, 6:35 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-58068

Pick the patch mentioned in the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../python3-eventlet/CVE-2025-58068.patch     | 41 +++++++++++++++++++
 .../python/python3-eventlet_0.33.3.bb         |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch b/meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch
new file mode 100644
index 0000000000..3fc7cb1b54
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch
@@ -0,0 +1,41 @@ 
+From 4e151d13a160e4d2a98dc77d32e5c3fe2c42f2b9 Mon Sep 17 00:00:00 2001
+From: sebsrt <s@sebsrt.xyz>
+Date: Mon, 11 Aug 2025 11:46:28 +0200
+Subject: [PATCH] Fix request smuggling vulnerability by discarding trailers
+ (#1062)
+
+The WSGI parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. This patch fix that by discarding trailers.
+
+CVE: CVE-2025-58068
+Upstream-Status: Backport [https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ eventlet/wsgi.py | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/eventlet/wsgi.py b/eventlet/wsgi.py
+index 7ef0254..fb0d805 100644
+--- a/eventlet/wsgi.py
++++ b/eventlet/wsgi.py
+@@ -154,6 +154,12 @@ class Input(object):
+             read = b''
+         self.position += len(read)
+         return read
++    
++    def _discard_trailers(self, rfile):
++        while True:
++            line = rfile.readline()
++            if not line or line in (b'\r\n', b'\n', b''):
++                break
+ 
+     def _chunked_read(self, rfile, length=None, use_readline=False):
+         if self.should_send_hundred_continue:
+@@ -204,7 +210,7 @@ class Input(object):
+                         raise ChunkReadError(err)
+                     self.position = 0
+                     if self.chunk_length == 0:
+-                        rfile.readline()
++                        self._discard_trailers(rfile)
+         except greenio.SSL.ZeroReturnError:
+             pass
+         return b''.join(response)
diff --git a/meta-python/recipes-devtools/python/python3-eventlet_0.33.3.bb b/meta-python/recipes-devtools/python/python3-eventlet_0.33.3.bb
index c1256661b4..12ee39aee9 100644
--- a/meta-python/recipes-devtools/python/python3-eventlet_0.33.3.bb
+++ b/meta-python/recipes-devtools/python/python3-eventlet_0.33.3.bb
@@ -4,6 +4,7 @@  SECTION = "devel/python"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=56472ad6de4caf50e05332a34b66e778"
 
+SRC_URI += "file://CVE-2025-58068.patch"
 SRC_URI[sha256sum] = "722803e7eadff295347539da363d68ae155b8b26ae6a634474d0a920be73cfda"
 
 inherit pypi setuptools3