diff mbox series

[v2,3/4] python3-pyasn1: set CVE_PRODUCT

Message ID 20260713234417.4071754-3-mark.yang@lge.com
State Under Review
Headers show
Series [v2,1/4] python3-cryptography: set CVE_PRODUCT | expand

Commit Message

mark.yang July 13, 2026, 11:44 p.m. UTC
From: "mark.yang" <mark.yang@lge.com>

The default python:pyasn1 does not match the NVD/CNA entries which use
pyasn1 as vendor, so CVEs like CVE-2026-30922 are never reported. Use
the exact pyasn1:pyasn1 pair.

Suggested-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: mark.yang <mark.yang@lge.com>
---
v2: use exact vendor:product pair

 meta/recipes-devtools/python/python3-pyasn1_0.6.3.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta/recipes-devtools/python/python3-pyasn1_0.6.3.bb b/meta/recipes-devtools/python/python3-pyasn1_0.6.3.bb
index fb572d9da4..60b38c57c5 100644
--- a/meta/recipes-devtools/python/python3-pyasn1_0.6.3.bb
+++ b/meta/recipes-devtools/python/python3-pyasn1_0.6.3.bb
@@ -14,4 +14,6 @@  RDEPENDS:${PN}:class-target += " \
     python3-shell \
 "
 
+CVE_PRODUCT = "pyasn1:pyasn1"
+
 BBCLASSEXTEND = "native nativesdk"