mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-04-20 11:38:34 +00:00
Code Issues Projects Releases Wiki Activity

python3-m2crypto: ignore CVE-2009-0127

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2009-0127

The vulnerability is disputed[1] by upstream:
"There is no vulnerability in M2Crypto. Nowhere in the functions
are the return values of OpenSSL functions interpreted incorrectly.
The functions provide an interface to their users that may be
considered confusing, but is not incorrect, nor it is a vulnerability."

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0127

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Gyorgy Sarvari
2026-01-07 12:33:42 +01:00
committed by Khem Raj
parent 9861bbc3a4
commit 763f409959
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
View File

@@ -12,6 +12,8 @@ SRC_URI += " \
file://0002-fix-correct-struct-packing-on-32-bit-with-_TIME_BITS.patch \
"
CVE_STATUS[CVE-2009-0127] = "disputed: upstream claims there is no bug"
inherit pypi siteinfo python_setuptools_build_meta
DEPENDS += "openssl swig-native"