python3-aiohttp: set CVE_PRODUCT

The related CVEs are tracked using aiohttp:aiohttp CPE, so the default python:aiohttp CPE doesn't match relevant CVEs. Set the CVE_PRODUCT accordingly. See CVE db query: sqlite> select * from products where product like 'aiohttp'; CVE-2021-21330|aiohttp|aiohttp|||3.7.4|< CVE-2022-33124|aiohttp|aiohttp|3.8.1|=|| CVE-2023-37276|aiohttp|aiohttp|||3.8.4|<= CVE-2023-47627|aiohttp|aiohttp|||3.8.6|< CVE-2023-47641|aiohttp|aiohttp|||3.8.0|< CVE-2023-49081|aiohttp|aiohttp|||3.9.0|< CVE-2023-49082|aiohttp|aiohttp|||3.9.0|< CVE-2024-23334|aiohttp|aiohttp|1.0.5|>=|3.9.2|< CVE-2024-23829|aiohttp|aiohttp|||3.9.2|< CVE-2024-27306|aiohttp|aiohttp|||3.9.4|< CVE-2024-30251|aiohttp|aiohttp|||3.9.4|< CVE-2024-42367|aiohttp|aiohttp|3.10.0|>=|3.10.2|< CVE-2024-52303|aiohttp|aiohttp|3.10.6|>=|3.10.11|< CVE-2024-52304|aiohttp|aiohttp|||3.10.11|< CVE-2025-53643|aiohttp|aiohttp|||3.12.14|< Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-01-01 13:58:06 +00:00 · 2025-12-31 08:54:09 +01:00 · 2025-12-31 08:54:09 +01:00 · f04728af28
commit f04728af28
parent 6cc3c31ed6
1 changed files with 2 additions and 0 deletions
--- a/meta-python/recipes-devtools/python/python3-aiohttp_3.13.2.bb
+++ b/meta-python/recipes-devtools/python/python3-aiohttp_3.13.2.bb
@ -6,6 +6,8 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=748073912af33aa59430d3702aa32d41"

 SRC_URI[sha256sum] = "40176a52c186aefef6eb3cad2cdd30cd06e3afbe88fe8ab2af9c0b90f228daca"

+CVE_PRODUCT = "aiohttp"
+
 inherit python_setuptools_build_meta pypi 

 DEPENDS = "python3-pkgconfig-native"