meta-openembedded

mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00

History

Gyorgy Sarvari f04728af28 python3-aiohttp: set CVE_PRODUCT The related CVEs are tracked using aiohttp:aiohttp CPE, so the default python:aiohttp CPE doesn't match relevant CVEs. Set the CVE_PRODUCT accordingly. See CVE db query: sqlite> select * from products where product like 'aiohttp'; CVE-2021-21330\|aiohttp\|aiohttp\|\|\|3.7.4\|< CVE-2022-33124\|aiohttp\|aiohttp\|3.8.1\|=\|\| CVE-2023-37276\|aiohttp\|aiohttp\|\|\|3.8.4\|<= CVE-2023-47627\|aiohttp\|aiohttp\|\|\|3.8.6\|< CVE-2023-47641\|aiohttp\|aiohttp\|\|\|3.8.0\|< CVE-2023-49081\|aiohttp\|aiohttp\|\|\|3.9.0\|< CVE-2023-49082\|aiohttp\|aiohttp\|\|\|3.9.0\|< CVE-2024-23334\|aiohttp\|aiohttp\|1.0.5\|>=\|3.9.2\|< CVE-2024-23829\|aiohttp\|aiohttp\|\|\|3.9.2\|< CVE-2024-27306\|aiohttp\|aiohttp\|\|\|3.9.4\|< CVE-2024-30251\|aiohttp\|aiohttp\|\|\|3.9.4\|< CVE-2024-42367\|aiohttp\|aiohttp\|3.10.0\|>=\|3.10.2\|< CVE-2024-52303\|aiohttp\|aiohttp\|3.10.6\|>=\|3.10.11\|< CVE-2024-52304\|aiohttp\|aiohttp\|\|\|3.10.11\|< CVE-2025-53643\|aiohttp\|aiohttp\|\|\|3.12.14\|< Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>		2025-12-31 08:34:00 -08:00
..
gyp
python	python3-aiohttp: set CVE_PRODUCT	2025-12-31 08:34:00 -08:00
python-jsonref
python3-attrdict3
python3-breathe
python3-cairocffi
python3-exhale
python3-gspread
python3-mlcommons-loadgen	python3-mlcommons-loadgen: upgrade 5.1.1 -> 5.1.2	2025-12-02 09:22:51 -08:00
python3-nltk	python3-nltk: set CVE_PRODUCT	2025-12-31 08:28:55 -08:00
python3-piccata
python3-reedsolo
python3-rouge-score
python3-wxgtk4
python3-zstandard