From: Gyorgy Sarvari <[email protected]> Set correct CVE_PRODUCT - the default ${PN} value doesn't match relevant CVEs.
See CVE query (n8n vendor is not relevant): sqlite> select * from products where product like '%pydantic%'; CVE-2021-29510|pydantic|pydantic|||1.6.2|< CVE-2021-29510|pydantic|pydantic|1.7|>=|1.7.4|< CVE-2021-29510|pydantic|pydantic|1.8|>=|1.8.2|< CVE-2024-3772|pydantic|pydantic|||1.10.13|< CVE-2024-3772|pydantic|pydantic|2.0|>=|2.4.0|< CVE-2025-55526|n8n|pydantic|2.11.7|=|| Signed-off-by: Gyorgy Sarvari <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit b4fd4a6217cc94bece31ac662815a13343888ee6) Signed-off-by: Himanshu Jadon <[email protected]> --- meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb b/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb index 04c9c91c0e..5c8d513317 100644 --- a/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb +++ b/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb @@ -15,6 +15,8 @@ SRC_URI[sha256sum] = "0c84efd9548d545f63ac0060c1e4d39bb9b14db8b3c0652338aecc07b5 DEPENDS += "python3-hatch-fancy-pypi-readme-native" +CVE_PRODUCT = "pydantic:pydantic" + RDEPENDS:${PN} += "\ python3-annotated-types \ python3-core \ -- 2.44.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#127364): https://lists.openembedded.org/g/openembedded-devel/message/127364 Mute This Topic: https://lists.openembedded.org/mt/119613103/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
