| Message ID | 20251230154903.736590-1-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-python,01/10] python-gunicorn: set CVE_PRODUCT | expand |
diff --git a/meta-python/recipes-devtools/python/python3-gunicorn_23.0.0.bb b/meta-python/recipes-devtools/python/python3-gunicorn_23.0.0.bb index 3c819a934d..a3524d6d8e 100644 --- a/meta-python/recipes-devtools/python/python3-gunicorn_23.0.0.bb +++ b/meta-python/recipes-devtools/python/python3-gunicorn_23.0.0.bb @@ -7,6 +7,8 @@ SRC_URI[sha256sum] = "f014447a0101dc57e294f6c18ca6b40227a4c90e9bdb586042628030cb inherit pypi python_setuptools_build_meta ptest +CVE_PRODUCT = "gunicorn" + SRC_URI += " \ file://run-ptest \ "
There is only one relevant CVE associated with this recipe in the CVE db, but it is tracked using gunicorn:gunicorn CPE instead of python:gunicorn (which is the default CPE from pypi.bbclass) See CVE db query: sqlite> select * from products where PRODUCT like '%gunicorn%'; CVE-2018-1000164|gunicorn|gunicorn|19.4.5|=|| Set CVE_PRODUCT so that it matches relevant CVEs. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- meta-python/recipes-devtools/python/python3-gunicorn_23.0.0.bb | 2 ++ 1 file changed, 2 insertions(+)