From: Gyorgy Sarvari <[email protected]>

Set correct CVE_PRODUCT for paramiko. The default python:paramiko value
doesn't match CVEs, because the product has its own set of CPEs associated
with CVEs.

See CVE db query:
sqlite> select * from products where PRODUCT = 'paramiko';
CVE-2008-0299|python_software_foundation|paramiko|1.7.1|=||
CVE-2018-1000805|paramiko|paramiko|1.17.6|=||
CVE-2018-1000805|paramiko|paramiko|1.18.5|=||
CVE-2018-1000805|paramiko|paramiko|2.0.8|=||
CVE-2018-1000805|paramiko|paramiko|2.1.5|=||
CVE-2018-1000805|paramiko|paramiko|2.2.3|=||
CVE-2018-1000805|paramiko|paramiko|2.3.2|=||
CVE-2018-1000805|paramiko|paramiko|2.4.1|=||
CVE-2018-7750|paramiko|paramiko|||1.17.6|<
CVE-2018-7750|paramiko|paramiko|1.18.0|>=|1.18.5|<
CVE-2018-7750|paramiko|paramiko|2.0.0|>=|2.0.8|<
CVE-2018-7750|paramiko|paramiko|2.1.0|>=|2.1.5|<
CVE-2018-7750|paramiko|paramiko|2.2.0|>=|2.2.3|<
CVE-2018-7750|paramiko|paramiko|2.3.0|>=|2.3.2|<
CVE-2018-7750|paramiko|paramiko|2.4.0|=||
CVE-2022-24302|paramiko|paramiko|||2.10.1|<
CVE-2023-48795|paramiko|paramiko|||3.4.0|<

Signed-off-by: Gyorgy Sarvari <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
(cherry picked from commit e22d2a7ba6e96c1312c368b4a6448bea5b6559da)
Signed-off-by: Himanshu Jadon <[email protected]>
---
 meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb 
b/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb
index 0d32d361cf..937b9ee5b1 100644
--- a/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb
+++ b/meta-python/recipes-devtools/python/python3-paramiko_3.4.0.bb
@@ -18,3 +18,5 @@ RDEPENDS:${PN} += " \
     python3-pynacl \
     python3-unixadmin \
 "
+
+CVE_PRODUCT = "paramiko:paramiko python_software_foundation:paramiko"
-- 
2.44.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127362): 
https://lists.openembedded.org/g/openembedded-devel/message/127362
Mute This Topic: https://lists.openembedded.org/mt/119613073/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to