poky/python3-mako at kirkstone - poky

CaROS/poky

mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00

History

Narpat Mali 848be11a43 python3-mako: backport fix for CVE-2022-40023 Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-40023 Reference to Upstream Patch: `925760291d` (From OE-Core rev: 34727812b54fd52f85806f4f95702286d551b5fd) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2022-11-20 08:19:17 +00:00
..
CVE-2022-40023.patch

Narpat Mali 848be11a43 python3-mako: backport fix for CVE-2022-40023

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service
when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-40023

Reference to Upstream Patch:
925760291d

(From OE-Core rev: 34727812b54fd52f85806f4f95702286d551b5fd)

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2022-11-20 08:19:17 +00:00

CVE-2022-40023.patch