[oe] [meta-python][scarthgap][PATCH 05/10] python3-waitress: upgrade 3.0.0 -> 3.0.2

Fri, 23 Jan 2026 09:02:34 -0800 

Contains fixes for CVE-2024-49768 and CVE-2024-49769

Changelog:
3.0.1:
- Python 3.8 is no longer supported.
- Added support for Python 3.13.
- Fix a bug that would lead to Waitress busy looping on select() on a half-open
  socket due to a race condition that existed when creating a new HTTPChannel.
- No longer strip the header values before passing them to the WSGI environ.
- Fix a race condition in Waitress when `channel_request_lookahead` is enabled
  that could lead to HTTP request smuggling.

3.0.2:
- When using Waitress to process trusted proxy headers, Waitress will now
  update the headers to drop any untrusted values, thereby making sure that
  WSGI apps only get trusted and validated values that Waitress itself used to
  update the environ.

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../{python3-waitress_3.0.0.bb => python3-waitress_3.0.2.bb}    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-python/recipes-devtools/python/{python3-waitress_3.0.0.bb => 
python3-waitress_3.0.2.bb} (82%)

diff --git a/meta-python/recipes-devtools/python/python3-waitress_3.0.0.bb 
b/meta-python/recipes-devtools/python/python3-waitress_3.0.2.bb
similarity index 82%
rename from meta-python/recipes-devtools/python/python3-waitress_3.0.0.bb
rename to meta-python/recipes-devtools/python/python3-waitress_3.0.2.bb
index 7470fc02a0..b8e90807cf 100644
--- a/meta-python/recipes-devtools/python/python3-waitress_3.0.0.bb
+++ b/meta-python/recipes-devtools/python/python3-waitress_3.0.2.bb
@@ -10,6 +10,6 @@ RDEPENDS:${PN} += " \
         python3-logging \
 "
 
-SRC_URI[sha256sum] = 
"005da479b04134cdd9dd602d1ee7c49d79de0537610d653674cc6cbde222b8a1"
+SRC_URI[sha256sum] = 
"682aaaf2af0c44ada4abfb70ded36393f0e307f4ab9456a215ce0020baefc31f"
 
 inherit python_setuptools_build_meta pypi

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123790): 
https://lists.openembedded.org/g/openembedded-devel/message/123790
Mute This Topic: https://lists.openembedded.org/mt/117421627/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to