diff options
author | Chen Qi <Qi.Chen@windriver.com> | 2023-09-27 00:14:38 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-09-28 12:37:44 +0100 |
commit | 62598e1138f21a16d8b1cdd1cfe902aeed854c5c (patch) | |
tree | cda81667458934622a804bc27496bd2f89a53cfa /meta/recipes-devtools | |
parent | 1036bec2e99edd4c59ae1b6eedfbdc933104a9e4 (diff) | |
download | openembedded-core-contrib-62598e1138f21a16d8b1cdd1cfe902aeed854c5c.tar.gz |
python3: add cpython to CVE_PRODUCT
https://nvd.nist.gov/vuln/detail/CVE-2023-33595 uses 'cpython'.
Although it's currently the only one that uses cpython, let's add
cpython to CVE_PRODUCT, just in case.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/python/python3_3.11.5.bb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-devtools/python/python3_3.11.5.bb b/meta/recipes-devtools/python/python3_3.11.5.bb index 6c624c9d3d..8e023c7dfb 100644 --- a/meta/recipes-devtools/python/python3_3.11.5.bb +++ b/meta/recipes-devtools/python/python3_3.11.5.bb @@ -46,7 +46,7 @@ SRC_URI[sha256sum] = "85cd12e9cf1d6d5a45f17f7afe1cebe7ee628d3282281c492e86adf636 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" UPSTREAM_CHECK_URI = "https://www.python.org/downloads/source/" -CVE_PRODUCT = "python" +CVE_PRODUCT = "python cpython" CVE_STATUS[CVE-2007-4559] = "disputed: Upstream consider this expected behaviour" CVE_STATUS[CVE-2019-18348] = "not-applicable-config: This is not exploitable when glibc has CVE-2016-10739 fixed" |