[oe] [meta-python][PATCH 31/34] python3-python-multipart: set CVE_PRODUCT

Gyorgy Sarvari via lists.openembedded.org Tue, 30 Dec 2025 23:55:06 -0800

The default python:python_multipart CPE doesn't match relevant CVE entries,
because NVD tracks the related CVEs with fastapiexpect:python-multipart CPE,
and Mitre uses kludex:python-multipart for others.


Set the CVE_PRODUCT accordingly.

See CVE db query:
sqlite> select * from products where product like '%python%multipart%';
CVE-2024-24762|fastapiexpert|python-multipart|||0.0.7|<
CVE-2024-24762|fastapiexpert|python-multipart|||0.0.7|<

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../recipes-devtools/python/python3-python-multipart_0.0.21.bb   | 1 +
 1 file changed, 1 insertion(+)

diff --git 
a/meta-python/recipes-devtools/python/python3-python-multipart_0.0.21.bb 
b/meta-python/recipes-devtools/python/python3-python-multipart_0.0.21.bb
index 29054f47a7..6fc2b69f7e 100644
--- a/meta-python/recipes-devtools/python/python3-python-multipart_0.0.21.bb
+++ b/meta-python/recipes-devtools/python/python3-python-multipart_0.0.21.bb
@@ -8,6 +8,7 @@ inherit pypi python_hatchling ptest-python-pytest
 
 PYPI_PACKAGE = "python_multipart"
 UPSTREAM_CHECK_PYPI_PACKAGE = "${PYPI_PACKAGE}"
+CVE_PRODUCT = "python-multipart"
 
 RDEPENDS:${PN}-ptest += " \
        python3-pyyaml \

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123071): 
https://lists.openembedded.org/g/openembedded-devel/message/123071
Mute This Topic: https://lists.openembedded.org/mt/117009282/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-python][PATCH 31/34] python3-python-multipart: set CVE_PRODUCT

Reply via email to