CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
e8a6ea8f4b
meta-openembedded/meta-python
History
Anil Dongare e8a6ea8f4b python3-django 5.0.11: ignore CVE-2025-27556 
Upstream Repository: https://github.com/django/django.git

Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27556
Type: Security Advisory
CVE: CVE-2025-27556
Score: 7.5

Analysis:
- CVE-2025-27556 affects Django 5.1 before 5.1.8 and 5.0 before 5.0.14.
- The issue occurs due to slow NFKC normalization on Windows, which can cause
  a denial-of-service (DoS) when handling inputs containing a very large number
  of Unicode characters.
- Affected Django components:
	django.contrib.auth.views.LoginView
	django.contrib.auth.views.LogoutView
	django.views.i18n.set_language

- This performance degradation is specific to Windows, caused by the Windows
  Unicode normalization implementation.

 Reference:
 - https://nvd.nist.gov/vuln/detail/CVE-2025-27556
 - https://github.com/django/django/commit/2cb311f7b069

Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-12 11:28:54 +05:30
..
classes meta-python: missing closing brace 2024-04-21 10:52:39 -07:00
conf reproducibility: move repro excludes from AB config.json to meta-oe 2024-04-30 11:00:33 -07:00
licenses
recipes-connectivity Use PYTHON_SITEPACKAGES_DIR instead of hard-coded site-packages directory path 2024-04-21 10:52:39 -07:00
recipes-core python3-websockets: Remove recipe 2024-04-14 08:38:44 -07:00
recipes-devtools python3-django 5.0.11: ignore CVE-2025-27556 2025-11-12 11:28:54 +05:30
recipes-extended python3-pywbemtools: upgrade 1.2.1 -> 1.3.0 2024-04-30 10:59:06 -07:00
recipes-networking/python
COPYING.MIT
README.md meta-openemnedded: Add myself as scarthgap maintainer 2024-03-27 20:07:53 -07:00

README.md

meta-python

Introduction

This layer is intended to be the home of python modules for OpenEmbedded.

Dependencies

The meta-python layer depends on:

URI: git://git.openembedded.org/openembedded-core
layers: meta
branch: scarthgap

URI: git://git.openembedded.org/meta-openembedded
layers: meta-oe
branch: scarthgap

Contributing

The meta-openembedded mailinglist (openembedded-devel@lists.openembedded.org) is used for questions, comments and patch review. It is subscriber only, so please register before posting.

Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-python][scarthgap]' in the subject.

When sending single patches, please use something like: git send-email -M -1 --to=openembedded-devel@lists.openembedded.org --subject-prefix='meta-python][scarthgap][PATCH'

Maintenance

Layer maintainers: Armin Kuster akuster808@gmail.com