]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
python3-wheel: fix for CVE-2022-40898
authorNarpat Mali <narpat.mali@windriver.com>
Thu, 12 Jan 2023 14:55:32 +0000 (14:55 +0000)
committerSteve Sakoman <steve@sakoman.com>
Mon, 16 Jan 2023 14:41:29 +0000 (04:41 -1000)
commit0974291e545aec68755dfb634c75dca37cca1ea9
tree307d87d75a3392bb2b8e8dd480bc40c3b180e88f
parentf574d8d57ff3fbc38e350e7a90913993081c4fdf
python3-wheel: fix for CVE-2022-40898

An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1
and earlier allows remote attackers to cause a denial of service via
attacker controlled input to wheel cli.

CVE: CVE-2022-40898

Upstream-Status: Backport [https://github.com/pypa/wheel/commit/88f02bc335d5404991e532e7f3b0fc80437bf4e0]

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
meta/recipes-devtools/python/python3-wheel/0001-Fixed-potential-DoS-attack-via-WHEEL_INFO_RE.patch [new file with mode: 0644]
meta/recipes-devtools/python/python3-wheel_0.37.1.bb