The default python:flask CPE doesn't match relevant CVE entries which are tracked under palletsprojects:flask CPE.
See CVE db query: sqlite> select * from products where PRODUCT like 'flask'; CVE-2018-1000656|palletsprojects|flask|||0.12.3|< CVE-2019-1010083|palletsprojects|flask|||1.0|< CVE-2023-30861|palletsprojects|flask|||2.2.5|< CVE-2023-30861|palletsprojects|flask|2.3.0|>=|2.3.2|< Set the CVE_PRODUCT to "flask" so it matches relevant entries. Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-python/recipes-devtools/python/python3-flask_3.1.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-flask_3.1.2.bb b/meta-python/recipes-devtools/python/python3-flask_3.1.2.bb index de4a558bff..1b289c7227 100644 --- a/meta-python/recipes-devtools/python/python3-flask_3.1.2.bb +++ b/meta-python/recipes-devtools/python/python3-flask_3.1.2.bb @@ -8,6 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=ffeffa59c90c9c4a033c7574f8f3fb75" SRC_URI[sha256sum] = "bf656c15c80190ed628ad08cdfd3aaa35beb087855e2f494910aa3774cc4fd87" +CVE_PRODUCT = "flask" + inherit pypi python_flit_core ptest-python-pytest CLEANBROKEN = "1"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123028): https://lists.openembedded.org/g/openembedded-devel/message/123028 Mute This Topic: https://lists.openembedded.org/mt/116999116/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
