diff mbox series

[meta-python,scarthgap,07/20] python3-eventlet: patch CVE-2025-58068

Message ID 20260114130100.1016416-7-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-python,scarthgap,01/20] python3-aiohttp: upgrade 3.9.4 -> 3.9.5 | expand

Commit Message

Ankur Tyagi Jan. 14, 2026, 1 p.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-58068

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 .../python3-eventlet/CVE-2025-58068.patch     | 42 +++++++++++++++++++
 .../python/python3-eventlet_0.36.1.bb         |  2 +
 2 files changed, 44 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch b/meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch
new file mode 100644
index 0000000000..45dda012b6
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-eventlet/CVE-2025-58068.patch
@@ -0,0 +1,42 @@ 
+From 2353500dc28eab63b47930851c75e9268a69ef1e Mon Sep 17 00:00:00 2001
+From: sebsrt <s@sebsrt.xyz>
+Date: Mon, 11 Aug 2025 11:46:28 +0200
+Subject: [PATCH] [SECURITY] Fix request smuggling vulnerability by discarding
+ trailers (#1062)
+
+The WSGI parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. This patch fix that by discarding trailers.
+
+CVE: CVE-2025-58068
+Upstream-Status: Backport [https://github.com/eventlet/eventlet/commit/0bfebd1117d392559e25b4bfbfcc941754de88fb]
+(cherry picked from commit 0bfebd1117d392559e25b4bfbfcc941754de88fb)
+Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
+---
+ eventlet/wsgi.py | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/eventlet/wsgi.py b/eventlet/wsgi.py
+index 3b530b18..28ad2666 100644
+--- a/eventlet/wsgi.py
++++ b/eventlet/wsgi.py
+@@ -153,6 +153,12 @@ class Input:
+             read = b''
+         self.position += len(read)
+         return read
++    
++    def _discard_trailers(self, rfile):
++        while True:
++            line = rfile.readline()
++            if not line or line in (b'\r\n', b'\n', b''):
++                break
+ 
+     def _chunked_read(self, rfile, length=None, use_readline=False):
+         if self.should_send_hundred_continue:
+@@ -203,7 +209,7 @@ class Input:
+                         raise ChunkReadError(err)
+                     self.position = 0
+                     if self.chunk_length == 0:
+-                        rfile.readline()
++                        self._discard_trailers(rfile)
+         except greenio.SSL.ZeroReturnError:
+             pass
+         return b''.join(response)
diff --git a/meta-python/recipes-devtools/python/python3-eventlet_0.36.1.bb b/meta-python/recipes-devtools/python/python3-eventlet_0.36.1.bb
index f70099ab94..72032c756c 100644
--- a/meta-python/recipes-devtools/python/python3-eventlet_0.36.1.bb
+++ b/meta-python/recipes-devtools/python/python3-eventlet_0.36.1.bb
@@ -6,6 +6,8 @@  LIC_FILES_CHKSUM = "file://LICENSE;md5=56472ad6de4caf50e05332a34b66e778"
 
 SRC_URI[sha256sum] = "d227fe76a63d9e6a6cef53beb8ad0b2dc40a5e7737c801f4b474cfae1db07bc5"
 
+SRC_URI += "file://CVE-2025-58068.patch"
+
 inherit pypi setuptools3
 
 RDEPENDS:${PN} += " \