Contains fix for CVE-2026-21860 Changelog: - safe_join on Windows does not allow more special device names, regardless of extension or surrounding spaces. - The multipart form parser handles a \r\n sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. - Fix AttributeError when initializing DebuggedApplication with pin_security=False.
Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../{python3-werkzeug_3.1.4.bb => python3-werkzeug_3.1.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-werkzeug_3.1.4.bb => python3-werkzeug_3.1.5.bb} (90%) diff --git a/meta-python/recipes-devtools/python/python3-werkzeug_3.1.4.bb b/meta-python/recipes-devtools/python/python3-werkzeug_3.1.5.bb similarity index 90% rename from meta-python/recipes-devtools/python/python3-werkzeug_3.1.4.bb rename to meta-python/recipes-devtools/python/python3-werkzeug_3.1.5.bb index 0886dbfef1..1df88b78d0 100644 --- a/meta-python/recipes-devtools/python/python3-werkzeug_3.1.4.bb +++ b/meta-python/recipes-devtools/python/python3-werkzeug_3.1.5.bb @@ -10,7 +10,7 @@ HOMEPAGE = "https://werkzeug.palletsprojects.com"; LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" -SRC_URI[sha256sum] = "cd3cd98b1b92dc3b7b3995038826c68097dcb16f9baa63abe35f20eafeb9fe5e" +SRC_URI[sha256sum] = "6a548b0e88955dd07ccb25539d7d0cc97417ee9e179677d22c7041c8f078ce67" CVE_PRODUCT = "werkzeug"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123644): https://lists.openembedded.org/g/openembedded-devel/message/123644 Mute This Topic: https://lists.openembedded.org/mt/117349062/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
