[oe] [meta-python][PATCH 09/10] python3-virtualenv: set CVE_PRODUCT

Gyorgy Sarvari via lists.openembedded.org Tue, 30 Dec 2025 04:25:23 -0800

There are relevant CVEs tracked under two different CPEs:
python:virtualenv (the default in OE), and virtualenv:virtualenv (these were 
missed).


See CVE db query:
sqlite> select * from products where PRODUCT = 'virtualenv';
CVE-2011-4617|python|virtualenv|||1.4.9|<=
CVE-2011-4617|python|virtualenv|0.8|=||
CVE-2011-4617|python|virtualenv|0.8.1|=||
CVE-2011-4617|python|virtualenv|0.8.2|=||
CVE-2011-4617|python|virtualenv|0.8.3|=||
CVE-2011-4617|python|virtualenv|0.8.4|=||
CVE-2011-4617|python|virtualenv|0.9|=||
CVE-2011-4617|python|virtualenv|0.9.1|=||
CVE-2011-4617|python|virtualenv|0.9.2|=||
CVE-2011-4617|python|virtualenv|1.0|=||
CVE-2011-4617|python|virtualenv|1.1|=||
CVE-2011-4617|python|virtualenv|1.1.1|=||
CVE-2011-4617|python|virtualenv|1.2|=||
CVE-2011-4617|python|virtualenv|1.3|=||
CVE-2011-4617|python|virtualenv|1.3.1|=||
CVE-2011-4617|python|virtualenv|1.3.2|=||
CVE-2011-4617|python|virtualenv|1.3.3|=||
CVE-2011-4617|python|virtualenv|1.3.4|=||
CVE-2011-4617|python|virtualenv|1.4|=||
CVE-2011-4617|python|virtualenv|1.4.1|=||
CVE-2011-4617|python|virtualenv|1.4.2|=||
CVE-2011-4617|python|virtualenv|1.4.3|=||
CVE-2011-4617|python|virtualenv|1.4.4|=||
CVE-2011-4617|python|virtualenv|1.4.5|=||
CVE-2011-4617|python|virtualenv|1.4.6|=||
CVE-2011-4617|python|virtualenv|1.4.7|=||
CVE-2011-4617|python|virtualenv|1.4.8|=||
CVE-2013-5123|virtualenv|virtualenv|12.0.7|=||
CVE-2024-53899|virtualenv|virtualenv|||20.26.6|<

Set the CVE_PRODUCT so both are matched.

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../recipes-devtools/python/python3-virtualenv_20.35.4.bb       | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-python/recipes-devtools/python/python3-virtualenv_20.35.4.bb 
b/meta-python/recipes-devtools/python/python3-virtualenv_20.35.4.bb
index 28444f12c4..0c50a35be9 100644
--- a/meta-python/recipes-devtools/python/python3-virtualenv_20.35.4.bb
+++ b/meta-python/recipes-devtools/python/python3-virtualenv_20.35.4.bb
@@ -24,3 +24,5 @@ RDEPENDS:${PN} += " \
     python3-modules \
     python3-platformdirs \
 "
+
+CVE_PRODUCT = "virtualenv"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123015): 
https://lists.openembedded.org/g/openembedded-devel/message/123015
Mute This Topic: https://lists.openembedded.org/mt/116996773/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-python][PATCH 09/10] python3-virtualenv: set CVE_PRODUCT

Reply via email to