From a5ee234b8cf06b6385a9bf1eb5b60d6171a993c9 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Fri, 9 Jan 2026 15:17:33 +0100
Subject: python3-uvicorn: mark CVE-2020-7694 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2020-7694

The vulnerability was reported to the project[1], and the commit[2] that
resolved the issue has been part of the project since version 0.11.7.

Mark the CVE as patched due to this.

[1]: https://github.com/Kludex/uvicorn/issues/723
[2]: https://github.com/Kludex/uvicorn/commit/895807f94ea9a8e588605c12076b7d7517cda503

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta-python/recipes-devtools/python')

diff --git a/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb b/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
index 3013ff50d0..227202b8cc 100644
--- a/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
+++ b/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
@@ -12,6 +12,7 @@ inherit pypi python_hatchling ptest-python-pytest
 
 PYPI_PACKAGE = "uvicorn"
 CVE_PRODUCT = "encode:uvicorn"
+CVE_STATUS[CVE-2020-7694] = "fixed-version: The vulnerability has been fixed since 0.11.7"
 
 RDEPENDS:${PN} = "\
     python3-click \
-- 
cgit v1.2.3-54-g00ecf