| Message ID | 20251230154903.736590-3-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-python,01/10] python-gunicorn: set CVE_PRODUCT | expand |
diff --git a/meta-python/recipes-devtools/python/python3-marshmallow_4.1.1.bb b/meta-python/recipes-devtools/python/python3-marshmallow_4.1.1.bb index 2919897dc3..01eead0cf8 100644 --- a/meta-python/recipes-devtools/python/python3-marshmallow_4.1.1.bb +++ b/meta-python/recipes-devtools/python/python3-marshmallow_4.1.1.bb @@ -8,6 +8,8 @@ LIC_FILES_CHKSUM = "\ SRC_URI[sha256sum] = "550aa14b619072f0a8d8184911b3f1021c5c32587fb27318ddf81ce0d0029c9d" +CVE_PRODUCT = "marshmallow" + inherit python_flit_core pypi ptest-python-pytest RDEPENDS:${PN}-ptest += " \
The default python:marshmallow CPE doesn't match the CVEs related to this product, as they are tracked with marshmallow_project:marshmallow CPE. See CVE db query: sqlite> select * from products where PRODUCT like 'marshmallow'; CVE-2018-17175|marshmallow_project|marshmallow|||2.15.1|< CVE-2018-17175|marshmallow_project|marshmallow|3.0|>=|3.0.0b9|< Set the CVE_PRODUCT so it matches related CVEs. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../recipes-devtools/python/python3-marshmallow_4.1.1.bb | 2 ++ 1 file changed, 2 insertions(+)