Projects
Mega:24.09
python-gevent
_service:tar_scm:CVE-2023-41419-pre.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2023-41419-pre.patch of Package python-gevent
From 6b22af0fa8eb2efa89fce36c35808948c67352b0 Mon Sep 17 00:00:00 2001 From: Jason Madden <jamadden@gmail.com> Date: Thu, 31 Aug 2023 05:26:35 -0500 Subject: [PATCH] pyproject.toml: Bump to latest cython. Origin: https://github.com/gevent/gevent/commit/6b22af0fa8eb2efa89fce36c35808948c67352b0 --- docs/servers.rst | 7 +++++++ pyproject.toml | 2 +- src/gevent/pywsgi.py | 9 ++++++++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/docs/servers.rst b/docs/servers.rst index 846ffbd..190fb1f 100644 --- a/docs/servers.rst +++ b/docs/servers.rst @@ -43,6 +43,13 @@ The :mod:`gevent.pywsgi` module contains an implementation of a :pep:`3333` :class:`WSGI server <gevent.pywsgi.WSGIServer>`. In addition, gunicorn_ is a stand-alone server that supports gevent. +.. important:: + + The provided server implementations are intended primarily for + development and testing, or internal usage, and otherwise only + generally "safe" scenarios. They have not been security audited. + Expose them to the public Internet at your own risk. + API Reference ============= diff --git a/pyproject.toml b/pyproject.toml index 6529ef3..2354d0c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -17,7 +17,7 @@ requires = [ # This was fixed in 3.0a5 (https://github.com/cython/cython/issues/3578) # 3.0a6 fixes an issue cythonizing source on 32-bit platforms. # 3.0a9 is needed for Python 3.10. - "Cython >= 3.0a11", + "Cython >= 3.0.2", # See version requirements in setup.py "cffi >= 1.12.3 ; platform_python_implementation == 'CPython'", # Python 3.7 requires at least 0.4.14, which is ABI incompatible with earlier diff --git a/src/gevent/pywsgi.py b/src/gevent/pywsgi.py index 0ebe095..cfedad5 100644 --- a/src/gevent/pywsgi.py +++ b/src/gevent/pywsgi.py @@ -1,13 +1,20 @@ # Copyright (c) 2005-2009, eventlet contributors # Copyright (c) 2009-2018, gevent contributors """ -A pure-Python, gevent-friendly WSGI server. +A pure-Python, gevent-friendly WSGI server implementing HTTP/1.1. The server is provided in :class:`WSGIServer`, but most of the actual WSGI work is handled by :class:`WSGIHandler` --- a new instance is created for each request. The server can be customized to use different subclasses of :class:`WSGIHandler`. +.. important:: + + This server is intended primarily for development and testing, and + secondarily for other "safe" scenarios where it will not be exposed to + potentially malicious input. The code has not been security audited, + and is not intended for direct exposure to the public Internet. + """ from __future__ import absolute_import -- 2.30.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2