From: Gyorgy Sarvari <[email protected]> Set correct CVE_PRODUCT for paramiko. The default python:paramiko value doesn't match CVEs, because the product has its own set of CPEs associated with CVEs.
See CVE db query: sqlite> select * from products where PRODUCT = 'paramiko'; CVE-2008-0299|python_software_foundation|paramiko|1.7.1|=|| CVE-2018-1000805|paramiko|paramiko|1.17.6|=|| CVE-2018-1000805|paramiko|paramiko|1.18.5|=|| CVE-2018-1000805|paramiko|paramiko|2.0.8|=|| CVE-2018-1000805|paramiko|paramiko|2.1.5|=|| CVE-2018-1000805|paramiko|paramiko|2.2.3|=|| CVE-2018-1000805|paramiko|paramiko|2.3.2|=|| CVE-2018-1000805|paramiko|paramiko|2.4.1|=|| CVE-2018-7750|paramiko|paramiko|||1.17.6|< CVE-2018-7750|paramiko|paramiko|1.18.0|>=|1.18.5|< CVE-2018-7750|paramiko|paramiko|2.0.0|>=|2.0.8|< CVE-2018-7750|paramiko|paramiko|2.1.0|>=|2.1.5|< CVE-2018-7750|paramiko|paramiko|2.2.0|>=|2.2.3|< CVE-2018-7750|paramiko|paramiko|2.3.0|>=|2.3.2|< CVE-2018-7750|paramiko|paramiko|2.4.0|=|| CVE-2022-24302|paramiko|paramiko|||2.10.1|< CVE-2023-48795|paramiko|paramiko|||3.4.0|< Signed-off-by: Gyorgy Sarvari <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit e22d2a7ba6e96c1312c368b4a6448bea5b6559da) Signed-off-by: Himanshu Jadon <[email protected]> --- meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb b/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb index 0d32d361cf..937b9ee5b1 100644 --- a/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb +++ b/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb @@ -18,3 +18,5 @@ RDEPENDS:${PN} += " \ python3-pynacl \ python3-unixadmin \ " + +CVE_PRODUCT = "paramiko:paramiko python_software_foundation:paramiko" -- 2.44.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#127362): https://lists.openembedded.org/g/openembedded-devel/message/127362 Mute This Topic: https://lists.openembedded.org/mt/119613073/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
