python3-uvicorn: mark CVE-2020-7694 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2020-7694 The vulnerability was reported to the project[1], and the commit[2] that resolved the issue has been part of the project since version 0.11.7. Mark the CVE as patched due to this. [1]: https://github.com/Kludex/uvicorn/issues/723 [2]: 895807f94e Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-01-11 15:11:26 +00:00 · 2026-01-09 15:17:33 +01:00
parent c369c6773e
commit 9a7a73877e
1 changed files with 1 additions and 0 deletions
--- a/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
+++ b/meta-python/recipes-devtools/python/python3-uvicorn_0.40.0.bb
@@ -12,6 +12,7 @@ inherit pypi python_hatchling ptest-python-pytest

 PYPI_PACKAGE = "uvicorn"
 CVE_PRODUCT = "encode:uvicorn"
+CVE_STATUS[CVE-2020-7694] = "fixed-version: The vulnerability has been fixed since 0.11.7"

 RDEPENDS:${PN} = "\
    python3-click \