From 93fd9b0db09b50e40084f1a73c9df66f9262a670 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Wed, 31 Dec 2025 08:54:07 +0100
Subject: [PATCH] python3-uvicorn: set CVE_PRODUCT

The default python:uvicorn CPE is not correct, the CVEs are tracked
under encode:uvicorn.

See CVE db query (n8n vendor is not relevant):
sqlite> select * from products where product like 'uvicorn';
CVE-2020-7694|encode|uvicorn|-|||
CVE-2020-7695|encode|uvicorn|||0.11.7|<
CVE-2025-55526|n8n|uvicorn|0.35.0|=||

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb b/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
index 56d58ded0a..3013ff50d0 100644
--- a/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
+++ b/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
@@ -11,6 +11,7 @@ SRC_URI += "file://0001-ptest-disable-failing-tests.patch"
 inherit pypi python_hatchling ptest-python-pytest
 
 PYPI_PACKAGE = "uvicorn"
+CVE_PRODUCT = "encode:uvicorn"
 
 RDEPENDS:${PN} = "\
     python3-click \