diff mbox series

[meta-python,scarthgap] python3-pydantic: set CVE_PRODUCT

Message ID 20260602152211.3599116-1-hjadon@cisco.com
State New
Headers show
Series [meta-python,scarthgap] python3-pydantic: set CVE_PRODUCT | expand

Commit Message

Himanshu Jadon -X (hjadon - E INFOCHIPS PRIVATE LIMITED at Cisco) June 2, 2026, 3:21 p.m. UTC 
From: Gyorgy Sarvari <skandigraun@gmail.com>

Set correct CVE_PRODUCT - the default ${PN} value doesn't match relevant
CVEs.

See CVE query (n8n vendor is not relevant):
sqlite> select * from products where product like '%pydantic%';
CVE-2021-29510|pydantic|pydantic|||1.6.2|<
CVE-2021-29510|pydantic|pydantic|1.7|>=|1.7.4|<
CVE-2021-29510|pydantic|pydantic|1.8|>=|1.8.2|<
CVE-2024-3772|pydantic|pydantic|||1.10.13|<
CVE-2024-3772|pydantic|pydantic|2.0|>=|2.4.0|<
CVE-2025-55526|n8n|pydantic|2.11.7|=||

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b4fd4a6217cc94bece31ac662815a13343888ee6)
Signed-off-by: Himanshu Jadon <hjadon@cisco.com>
---
 meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb b/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb
index 04c9c91c0e..5c8d513317 100644
--- a/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb
+++ b/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb
@@ -15,6 +15,8 @@  SRC_URI[sha256sum] = "0c84efd9548d545f63ac0060c1e4d39bb9b14db8b3c0652338aecc07b5
 
 DEPENDS += "python3-hatch-fancy-pypi-readme-native"
 
+CVE_PRODUCT = "pydantic:pydantic"
+
 RDEPENDS:${PN} += "\
     python3-annotated-types \
     python3-core \