From: Chen Qi <qi.c...@windriver.com> https://nvd.nist.gov/vuln/detail/CVE-2023-33595 uses 'cpython'. Although it's currently the only one that uses cpython, let's add cpython to CVE_PRODUCT, just in case.
Signed-off-by: Chen Qi <qi.c...@windriver.com> --- meta/recipes-devtools/python/python3_3.11.5.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/python/python3_3.11.5.bb b/meta/recipes-devtools/python/python3_3.11.5.bb index 6c624c9d3d..8e023c7dfb 100644 --- a/meta/recipes-devtools/python/python3_3.11.5.bb +++ b/meta/recipes-devtools/python/python3_3.11.5.bb @@ -46,7 +46,7 @@ SRC_URI[sha256sum] = "85cd12e9cf1d6d5a45f17f7afe1cebe7ee628d3282281c492e86adf636 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" UPSTREAM_CHECK_URI = "https://www.python.org/downloads/source/" -CVE_PRODUCT = "python" +CVE_PRODUCT = "python cpython" CVE_STATUS[CVE-2007-4559] = "disputed: Upstream consider this expected behaviour" CVE_STATUS[CVE-2019-18348] = "not-applicable-config: This is not exploitable when glibc has CVE-2016-10739 fixed" -- 2.40.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#188292): https://lists.openembedded.org/g/openembedded-core/message/188292 Mute This Topic: https://lists.openembedded.org/mt/101613209/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-