From 6218b1b8dadffa20c079e98ae2166fe95b4870f2 Mon Sep 17 00:00:00 2001 From: Pierre-Jean Texier Date: Sun, 12 Apr 2020 17:03:31 +0200 Subject: python3-waitress: upgrade 1.4.2 -> 1.4.3 This is a security release: - In Waitress version 1.4.2 a new regular expression was added to validate the headers that Waitress receives to make sure that it matches RFC7230. Unfortunately the regular expression was written in a way that with invalid input it leads to catastrophic backtracking which allows for a Denial of Service and CPU usage going to a 100%. Signed-off-by: Pierre-Jean Texier Signed-off-by: Khem Raj --- .../recipes-devtools/python/python3-waitress_1.4.2.bb | 12 ------------ .../recipes-devtools/python/python3-waitress_1.4.3.bb | 12 ++++++++++++ 2 files changed, 12 insertions(+), 12 deletions(-) delete mode 100644 meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb create mode 100644 meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb (limited to 'meta-python')
diff --git a/meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb b/meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb
deleted file mode 100644
index 257993f8fb..0000000000
--- a/meta-python/recipes-devtools/python/python3-waitress_1.4.2.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-SUMMARY = "A WSGI server for Python"
-DESCRIPTION = "Waitress is meant to be a production-quality pure-Python WSGI \
- server with very acceptable performance."
-HOMEPAGE = "https://github.com/Pylons/waitress"
-SECTION = "devel/python"
-LICENSE = "ZPL-2.1"
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=78ccb3640dc841e1baecb3e27a6966b2"
-
-SRC_URI[md5sum] = "fdeed7ec32bbba011e90801208378c89"
-SRC_URI[sha256sum] = "67a60a376f0eb335ed88967c42b73983a58d66a2a72eb9009a42725f7453b142"
-
-inherit setuptools3 pypi
diff --git a/meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb b/meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb
new file mode 100644
index 0000000000..8ac3e928ea
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-waitress_1.4.3.bb
@@ -0,0 +1,12 @@
+SUMMARY = "A WSGI server for Python"
+DESCRIPTION = "Waitress is meant to be a production-quality pure-Python WSGI \
+ server with very acceptable performance."
+HOMEPAGE = "https://github.com/Pylons/waitress"
+SECTION = "devel/python"
+LICENSE = "ZPL-2.1"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=78ccb3640dc841e1baecb3e27a6966b2"
+
+SRC_URI[md5sum] = "4bffad7009d3824ae61ea6c0696e45f6"
+SRC_URI[sha256sum] = "045b3efc3d97c93362173ab1dfc159b52cfa22b46c3334ffc805dbdbf0e4309e"
+
+inherit setuptools3 pypi
-- cgit v1.2.3-54-g00ecf