The relevant CVEs to this recipe are tracked using reportlab:reportlab CPE, which doesn't match the default python:reportlab CPE, so the cve-checker misses CVEs.
See CVE db query: sqlite> select * from products where product like '%reportlab%'; CVE-2019-17626|reportlab|reportlab|||3.5.26|<=|0 CVE-2019-19450|reportlab|reportlab|||3.5.31|<|0 CVE-2020-28463|reportlab|reportlab|-||||0 CVE-2023-33733|reportlab|reportlab|||3.6.12|<=|0 Set CVE_PRODUCT accordingly. Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-python/recipes-devtools/python/python3-reportlab_4.4.5.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-python/recipes-devtools/python/python3-reportlab_4.4.5.bb b/meta-python/recipes-devtools/python/python3-reportlab_4.4.5.bb index 4c411d5716..3ea47e355b 100644 --- a/meta-python/recipes-devtools/python/python3-reportlab_4.4.5.bb +++ b/meta-python/recipes-devtools/python/python3-reportlab_4.4.5.bb @@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=cf24392f451ff6710fca1e96cefa0424" SRC_URI[sha256sum] = "0457d642aa76df7b36b0235349904c58d8f9c606a872456ed04436aafadc1510" +CVE_PRODUCT = "reportlab" inherit pypi python_setuptools_build_meta BBCLASSEXTEND = "native nativesdk"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123032): https://lists.openembedded.org/g/openembedded-devel/message/123032 Mute This Topic: https://lists.openembedded.org/mt/116999120/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
