Mirror of git.openembedded.org/meta-openembedded https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=wrynose 2025-12-31T16:28:56+00:00 2025-12-31T16:28:56+00:00 Gyorgy Sarvari skandigraun@gmail.com 2025-12-30T15:49:03+00:00 urn:sha1:34f5fd45afc368ef9c257de5fd2c64cce838d507 There is only one relevant CVE in the database, but it is tracked using svglib_project:svglib CPE, not the expected python:svglib CPE, making the cve-checker miss it. See CVE db query: sqlite> select * from products where product like '%svglib%'; CVE-2020-10799|svglib_project|svglib|||0.9.3|<= Set the CVE_PRODUCT accordingly. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> 2025-12-01T16:45:53+00:00 Robert Yang liezhi.yang@windriver.com 2025-12-01T09:00:12+00:00 urn:sha1:af3f71b72ad3af347efaff9e43a8cf0f2631f7c9 Svglib is a Python library for reading SVG files and converting them (to a reasonable degree) to other formats using the ReportLab Open Source toolkit. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>