diff mbox series

[3/5] python3-setuptools: set status for CVE-2024-6345

Message ID 20260425222634.44171-3-peter.marko@siemens.com
State Under Review
Headers show
Series [1/5] shadow: set CVE_PRODUCT | expand

Commit Message

Peter Marko April 25, 2026, 10:26 p.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

Current version of sbom-cve-check reports this for some reason.
NVD does not have CPE and cvelistV5 ([1]) says "lessThan": "70.0".

[1] https://github.com/CVEProject/cvelistV5/blob/main/cves/2024/6xxx/CVE-2024-6345.json

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-devtools/python/python3-setuptools_82.0.1.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-devtools/python/python3-setuptools_82.0.1.bb b/meta/recipes-devtools/python/python3-setuptools_82.0.1.bb
index a3943a29c3..c413578faf 100644
--- a/meta/recipes-devtools/python/python3-setuptools_82.0.1.bb
+++ b/meta/recipes-devtools/python/python3-setuptools_82.0.1.bb
@@ -49,3 +49,5 @@  BBCLASSEXTEND = "native nativesdk"
 # This used to use the bootstrap install which didn't compile. Until we bump the
 # tmpdir version we can't compile the native otherwise the sysroot unpack fails
 INSTALL_WHEEL_COMPILE_BYTECODE:class-native = "--no-compile-bytecode"
+
+CVE_STATUS[CVE-2024-6345] = "fixed-version: fixed since 70.0"