Currently there is only one CVE associated with pandas, and it is tracked using numfocus:pandas CPE by NIST instead of the default python:pandas from pypi.bbclass.
See CVE db query: sqlite> select * from products where product like 'pandas'; CVE-2020-13091|numfocus|pandas|||1.0.3|<= Set the CVE_PRODUCT accodingly. Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-python/recipes-devtools/python/python3-pandas_2.2.3.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-pandas_2.2.3.bb b/meta-python/recipes-devtools/python/python3-pandas_2.2.3.bb index 60cc01800f..91333d129d 100644 --- a/meta-python/recipes-devtools/python/python3-pandas_2.2.3.bb +++ b/meta-python/recipes-devtools/python/python3-pandas_2.2.3.bb @@ -15,6 +15,8 @@ SRC_URI:append:class-target = " file://0001-BLD-add-option-to-specify-numpy-head SRC_URI[sha256sum] = "4f18ba62b61d7e192368b84517265a99b4d7ee8912f8708660fb4a366cc82667" +CVE_PRODUCT = "pandas" + inherit pkgconfig pypi python_mesonpy cython DEPENDS += " \
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123041): https://lists.openembedded.org/g/openembedded-devel/message/123041 Mute This Topic: https://lists.openembedded.org/mt/117009241/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
