python3-m2crypto: ignore CVE-2009-0127

Details: https://nvd.nist.gov/vuln/detail/CVE-2009-0127 The vulnerability is disputed[1] by upstream: "There is no vulnerability in M2Crypto. Nowhere in the functions are the return values of OpenSSL functions interpreted incorrectly. The functions provide an interface to their users that may be considered confusing, but is not incorrect, nor it is a vulnerability." [1]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0127 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Gyorgy Sarvari <skandigraun@gmail.com> 2026-01-07 12:33:42 +0100
committer: Khem Raj <raj.khem@gmail.com> 2026-01-12 08:53:45 -0800
commit: b46a5452a1c1a417f2971e494e151fa1f4022e36 (patch)
tree: 65b2650cc31817a8c383d9631b319be184e359fc /meta-python/recipes-devtools/python
parent: 8f67ff2a344c7d81b558dbdfebe39ba2e41c582f (diff)
download: meta-openembedded-b46a5452a1c1a417f2971e494e151fa1f4022e36.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb b/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
index 03b178fc8a..92b14787fa 100644
--- a/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
+++ b/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
@@ -12,6 +12,8 @@ SRC_URI += " \
          file://0002-fix-correct-struct-packing-on-32-bit-with-_TIME_BITS.patch \
 "
+CVE_STATUS[CVE-2009-0127] = "disputed: upstream claims there is no bug"
 inherit pypi siteinfo python_setuptools_build_meta
 DEPENDS += "openssl swig-native"
author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-01-07 12:33:42 +0100
committer	Khem Raj <raj.khem@gmail.com>	2026-01-12 08:53:45 -0800
commit	b46a5452a1c1a417f2971e494e151fa1f4022e36 (patch)
tree	65b2650cc31817a8c383d9631b319be184e359fc /meta-python/recipes-devtools/python
parent	8f67ff2a344c7d81b558dbdfebe39ba2e41c582f (diff)
download	meta-openembedded-b46a5452a1c1a417f2971e494e151fa1f4022e36.tar.gz

diff --git a/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb b/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb index 03b178fc8a..92b14787fa 100644 --- a/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb +++ b/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
@@ -12,6 +12,8 @@ SRC_URI += " \
12	file://0002-fix-correct-struct-packing-on-32-bit-with-_TIME_BITS.patch \	12	file://0002-fix-correct-struct-packing-on-32-bit-with-_TIME_BITS.patch \
13	"	13	"
14		14
		15	CVE_STATUS[CVE-2009-0127] = "disputed: upstream claims there is no bug"
		16
15	inherit pypi siteinfo python_setuptools_build_meta	17	inherit pypi siteinfo python_setuptools_build_meta
16		18
17	DEPENDS += "openssl swig-native"	19	DEPENDS += "openssl swig-native"