From 77ba5f31e27c5a5959563a15e793eedd4aaab5e5 Mon Sep 17 00:00:00 2001 From: Gyorgy Sarvari Date: Tue, 30 Dec 2025 15:29:02 +0100 Subject: [PATCH] python3-supervisor: set CVE_PRODUCT This recipe's CVEs are tracked using supervisord:supervisor CPE by nist, so the default python:supervisor CPE doesn't match relevant CVEs. See CVE db query (home-assisstant vendor is not relevant): sqlite> select * from products where PRODUCT like 'supervisor'; CVE-2017-11610|supervisord|supervisor|||3.0|<= CVE-2017-11610|supervisord|supervisor|3.1.0|=|| CVE-2017-11610|supervisord|supervisor|3.1.1|=|| CVE-2017-11610|supervisord|supervisor|3.1.2|=|| CVE-2017-11610|supervisord|supervisor|3.1.3|=|| CVE-2017-11610|supervisord|supervisor|3.2.0|=|| CVE-2017-11610|supervisord|supervisor|3.2.1|=|| CVE-2017-11610|supervisord|supervisor|3.2.2|=|| CVE-2017-11610|supervisord|supervisor|3.2.3|=|| CVE-2017-11610|supervisord|supervisor|3.3.0|=|| CVE-2017-11610|supervisord|supervisor|3.3.1|=|| CVE-2017-11610|supervisord|supervisor|3.3.2|=|| CVE-2019-12105|supervisord|supervisor|||4.0.2|<= CVE-2023-27482|home-assistant|supervisor|||2023.03.1|< Set the CVE_PRODUCT explicitly to match relevant CVEs. Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj --- meta-python/recipes-devtools/python/python3-supervisor_4.3.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-python/recipes-devtools/python/python3-supervisor_4.3.0.bb b/meta-python/recipes-devtools/python/python3-supervisor_4.3.0.bb index ed5f5d22f2..d504298914 100644 --- a/meta-python/recipes-devtools/python/python3-supervisor_4.3.0.bb +++ b/meta-python/recipes-devtools/python/python3-supervisor_4.3.0.bb @@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSES.txt;md5=5b4e3a2172bba4c47cded5885e7e507e" SRC_URI[sha256sum] = "4a2bf149adf42997e1bb44b70c43b613275ec9852c3edacca86a9166b27e945e" +CVE_PRODUCT = "supervisord:supervisor" PYPI_PACKAGE = "supervisor" inherit pypi systemd setuptools3 RDEPENDS:${PN} = "\