Adding patchinfo patchinfo.20241220134146182953.90520734224245

patchinfo.20241220134146182953.90520734224245/_patchinfo

@@ -0,0 +1,22 @@
+<patchinfo>
+  <!-- generated from request(s) 355975 -->
+  <issue tracker="bnc" id="1223098">VUL-0: CVE-2024-27306: python-aiohttp: XSS on index pages for static file handling</issue>
+  <issue tracker="bnc" id="1223726">VUL-0: CVE-2024-30251: python-aiohttp: infinite loop on specially crafted POST request</issue>
+  <issue tracker="bnc" id="1233447">VUL-0: CVE-2024-52304: python-aiohttp: vulnerable to request smuggling due to incorrect parsing of chunk extensions</issue>
+  <issue tracker="cve" id="2024-27306"/>
+  <issue tracker="cve" id="2024-30251"/>
+  <issue tracker="cve" id="2024-52304"/>
+  <issue tracker="gh" id="aio-libs/aiohttp#8319"/>
+  <packager>dgarcia</packager>
+  <rating>moderate</rating>
+  <category>security</category>
+  <summary>Security update for python-aiohttp</summary>
+  <description>This update for python-aiohttp fixes the following issues:
+
+- CVE-2024-27306: Fixed XSS on index pages for static file handling (bsc#1223098)
+- CVE-2024-30251: Fixed infinite loop on specially crafted POST request (bsc#1223726)
+- CVE-2024-52304: Fixed vulnerable to request smuggling due to incorrect parsing of chunk extensions (bsc#1233447)
+</description>
+  <package>python-aiohttp</package>
+  <seperate_build_arch/>
+</patchinfo>