CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

python3-pyjwt: set CVE_PRODUCT

Browse Source 
The relevant CVEs are tracked using pyjwt_project:pyjwt CPE, so the
defauly python:pyjwt CPE doesn't match them.

See CVE db query:
sqlite> select * from products where PRODUCT like '%pyjwt%';
CVE-2017-11424|pyjwt_project|pyjwt|||1.5.0|<=
CVE-2022-29217|pyjwt_project|pyjwt|1.5.0|>=|2.4.0|<
CVE-2024-53861|pyjwt_project|pyjwt|2.10.0|=||
CVE-2025-45768|pyjwt_project|pyjwt|2.10.1|=||

Set the CVE_PRODUCT so it matches relevant CVEs.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2025-12-30 15:29:01 +01:00 committed by Khem Raj
parent 851e449d54
commit 5ec4458878
No known key found for this signature in database
GPG Key ID: BB053355919D3314
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
meta-python/recipes-devtools/python/python3-pyjwt_2.10.1.bb
View File

@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e4b56d2c9973d8cf54655555be06e551"
SRC_URI[sha256sum] = "3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953"
PYPI_PACKAGE = "pyjwt"
CVE_PRODUCT = "pyjwt"
inherit pypi python_setuptools_build_meta
RDEPENDS:${PN} = "\