summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python/python3_3.11.5.bb
diff options
context:
space:
mode:
authorChen Qi <Qi.Chen@windriver.com>2023-09-27 00:14:38 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2023-09-28 12:37:47 +0100
commit65ad609bd75c4ae9e4c79a22a22e15a74a76f6c0 (patch)
treebdc98ee2917257a3bce45dfc180a3e002620d9ed /meta/recipes-devtools/python/python3_3.11.5.bb
parent4e79ddf67876b4784c9eb38fb7fb1d12cc1b3cec (diff)
downloadpoky-65ad609bd75c4ae9e4c79a22a22e15a74a76f6c0.tar.gz
python3: add cpython to CVE_PRODUCT
https://nvd.nist.gov/vuln/detail/CVE-2023-33595 uses 'cpython'. Although it's currently the only one that uses cpython, let's add cpython to CVE_PRODUCT, just in case. (From OE-Core rev: 62598e1138f21a16d8b1cdd1cfe902aeed854c5c) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/python/python3_3.11.5.bb')
-rw-r--r--meta/recipes-devtools/python/python3_3.11.5.bb2
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-devtools/python/python3_3.11.5.bb b/meta/recipes-devtools/python/python3_3.11.5.bb
index 6c624c9d3d..8e023c7dfb 100644
--- a/meta/recipes-devtools/python/python3_3.11.5.bb
+++ b/meta/recipes-devtools/python/python3_3.11.5.bb
@@ -46,7 +46,7 @@ SRC_URI[sha256sum] = "85cd12e9cf1d6d5a45f17f7afe1cebe7ee628d3282281c492e86adf636
46UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" 46UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
47UPSTREAM_CHECK_URI = "https://www.python.org/downloads/source/" 47UPSTREAM_CHECK_URI = "https://www.python.org/downloads/source/"
48 48
49CVE_PRODUCT = "python" 49CVE_PRODUCT = "python cpython"
50 50
51CVE_STATUS[CVE-2007-4559] = "disputed: Upstream consider this expected behaviour" 51CVE_STATUS[CVE-2007-4559] = "disputed: Upstream consider this expected behaviour"
52CVE_STATUS[CVE-2019-18348] = "not-applicable-config: This is not exploitable when glibc has CVE-2016-10739 fixed" 52CVE_STATUS[CVE-2019-18348] = "not-applicable-config: This is not exploitable when glibc has CVE-2016-10739 fixed"