mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-26 20:11:40 +00:00
Code Issues Projects Releases Wiki Activity
36,833 Commits 63 Branches 0 Tags
587e4e79733cbbec229f5eed19176d41cb643ad4
Commit Graph

3 Commits

Author SHA1 Message Date
Gyorgy Sarvari
a5ee234b8c python3-uvicorn: mark CVE-2020-7694 patched 
Details: https://nvd.nist.gov/vuln/detail/CVE-2020-7694

The vulnerability was reported to the project[1], and the commit[2] that
resolved the issue has been part of the project since version 0.11.7.

Mark the CVE as patched due to this.

[1]: https://github.com/Kludex/uvicorn/issues/723
[2]: 895807f94e

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-12 08:53:48 -08:00
Gyorgy Sarvari
93fd9b0db0 python3-uvicorn: set CVE_PRODUCT 
The default python:uvicorn CPE is not correct, the CVEs are tracked
under encode:uvicorn.

See CVE db query (n8n vendor is not relevant):
sqlite> select * from products where product like 'uvicorn';
CVE-2020-7694|encode|uvicorn|-|||
CVE-2020-7695|encode|uvicorn|||0.11.7|<
CVE-2025-55526|n8n|uvicorn|0.35.0|=||

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:33:59 -08:00
Liu Yiding
cf1b6485d1 python3-uvicorn: upgrade 0.38.0 -> 0.40.0 
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-23 12:22:42 -08:00