[oe] [meta-python][PATCH 30/34] python3-ecdsa: set CVE_PRODUCT

Gyorgy Sarvari via lists.openembedded.org Tue, 30 Dec 2025 23:55:06 -0800

Set the correct CVE_PRODUCT value, the default python: ecdsa doesn't
match relevant entries.


The correct values were taken from the CVE db, by checking which CVEs
are relevant.

See CVE db query:
sqlite> select * from products where product like '%ecdsa%';
CVE-2019-14853|python-ecdsa_project|python-ecdsa|||0.13.3|<
CVE-2019-14859|python-ecdsa_project|python-ecdsa|||0.13.3|<
CVE-2020-12607|antonkueltz|fastecdsa|||2.1.2|<
CVE-2021-43568|starkbank|elixir_ecdsa|1.0.0|=||
CVE-2021-43569|starkbank|ecdsa-dotnet|1.3.2|=||
CVE-2021-43570|starkbank|ecdsa-java|1.0.0|=||
CVE-2021-43571|starkbank|ecdsa-node|1.1.2|=||
CVE-2021-43572|starkbank|ecdsa-python|||2.0.1|<
CVE-2022-24884|ecdsautils_project|ecdsautils|||0.4.1|<
CVE-2024-21502|antonkueltz|fastecdsa|||2.3.2|<
CVE-2024-23342|tlsfuzzer|ecdsa|||0.18.0|<=

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 meta-python/recipes-devtools/python/python3-ecdsa_0.19.1.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-python/recipes-devtools/python/python3-ecdsa_0.19.1.bb 
b/meta-python/recipes-devtools/python/python3-ecdsa_0.19.1.bb
index 4e884b2d74..2025d5e139 100644
--- a/meta-python/recipes-devtools/python/python3-ecdsa_0.19.1.bb
+++ b/meta-python/recipes-devtools/python/python3-ecdsa_0.19.1.bb
@@ -6,6 +6,8 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=66ffc5e30f76cbb5358fe54b645e5a1d"
 PYPI_PACKAGE = "ecdsa"
 SRC_URI[sha256sum] = 
"478cba7b62555866fcb3bb3fe985e06decbdb68ef55713c4e5ab98c57d508e61"
 
+CVE_PRODUCT = "python-ecdsa_project:python-ecdsa tlsfuzzer:ecdsa"
+
 inherit pypi setuptools3 python3native ptest-python-pytest
 
 RDEPENDS:${PN}-ptest += " \

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123070): 
https://lists.openembedded.org/g/openembedded-devel/message/123070
Mute This Topic: https://lists.openembedded.org/mt/117009281/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-python][PATCH 30/34] python3-ecdsa: set CVE_PRODUCT

Reply via email to