[oe] [meta-python][PATCH 08/34] python3-eventlet: set CVE_PRODUCT

Gyorgy Sarvari via lists.openembedded.org Tue, 30 Dec 2025 23:54:50 -0800

The relevant CVEs are tracked using eventlet:eventlet CPE, and the default
python:eventlet CPE doesn't match relevant CVEs.


Set the correct CVE_PRODUCT.

See CVE db query:
sqlite> select * from products where product like 'eventlet';
CVE-2021-21419|eventlet|eventlet|0.10|>=|0.31.0|<
CVE-2023-29483|eventlet|eventlet|||0.35.2|<
CVE-2025-58068|eventlet|eventlet|||0.40.3|<

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 meta-python/recipes-devtools/python/python3-eventlet_0.40.4.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-python/recipes-devtools/python/python3-eventlet_0.40.4.bb 
b/meta-python/recipes-devtools/python/python3-eventlet_0.40.4.bb
index 21b1e095eb..213460dc70 100644
--- a/meta-python/recipes-devtools/python/python3-eventlet_0.40.4.bb
+++ b/meta-python/recipes-devtools/python/python3-eventlet_0.40.4.bb
@@ -7,6 +7,8 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=56472ad6de4caf50e05332a34b66e778"
 SRC_URI += "file://d19ad6cc086684ee74db250f5fd35227c98e678a.patch"
 SRC_URI[sha256sum] = 
"69bef712b1be18b4930df6f0c495d2a882bf7b63aa111e7b6eeff461cfcaf26f"
 
+CVE_PRODUCT = "eventlet"
+
 inherit pypi python_hatchling
 
 DEPENDS += "python3-hatch-vcs-native"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123048): 
https://lists.openembedded.org/g/openembedded-devel/message/123048
Mute This Topic: https://lists.openembedded.org/mt/117009248/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-python][PATCH 08/34] python3-eventlet: set CVE_PRODUCT

Reply via email to