diff --git a/sbom/cve-bin-tool-py3.9.json b/sbom/cve-bin-tool-py3.9.json
index 2678572818..305e8c864d 100644
--- a/sbom/cve-bin-tool-py3.9.json
+++ b/sbom/cve-bin-tool-py3.9.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:6b8040ba-91ea-45e2-b48e-cf3f925e08dd",
+ "serialNumber": "urn:uuid:da25ffa1-1384-461d-a6c5-84dfce937e55",
"version": 1,
"metadata": {
- "timestamp": "2024-05-13T00:29:02Z",
+ "timestamp": "2024-05-20T00:28:52Z",
"tools": {
"components": [
{
@@ -1839,31 +1839,31 @@
"type": "library",
"bom-ref": "42-zipp",
"name": "zipp",
- "version": "3.18.1",
+ "version": "3.18.2",
"supplier": {
- "name": "Jason R . Coombs",
+ "name": "Jason R .",
"contact": [
{
"email": "jaraco@jaraco.com"
}
]
},
- "cpe": "cpe:2.3:a:jason_r._coombs:zipp:3.18.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:jason_r.:zipp:3.18.2:*:*:*:*:*:*:*",
"description": "Backport of pathlib-compatible object wrapper for zip files",
"hashes": [
{
"alg": "SHA-1",
- "content": "bfae83474a730e8cc9b8a71027fb859b46b3875c"
+ "content": "051250eb0e3024d75e7de09921e4efab074f0112"
}
],
"externalReferences": [
{
- "url": "https://pypi.org/project/zipp/3.18.1",
+ "url": "https://pypi.org/project/zipp/3.18.2",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/zipp@3.18.1",
+ "purl": "pkg:pypi/zipp@3.18.2",
"properties": [
{
"name": "language",
@@ -1906,6 +1906,12 @@
"name": "markupsafe",
"version": "2.1.5",
"description": "Safely add untrusted strings to HTML/XML markup.",
+ "hashes": [
+ {
+ "alg": "SHA-1",
+ "content": "fbba4acd0312826cec9cfe18371c7df07962cb65"
+ }
+ ],
"licenses": [
{
"license": {
diff --git a/sbom/cve-bin-tool-py3.9.spdx b/sbom/cve-bin-tool-py3.9.spdx
index 956a22ea55..51f4d38c58 100644
--- a/sbom/cve-bin-tool-py3.9.spdx
+++ b/sbom/cve-bin-tool-py3.9.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-f75310d1-b81b-40c2-930d-22699181394d
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-3138d3f8-dc63-447a-b0be-cca4b60da110
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.10.4
-Created: 2024-05-13T00:27:25Z
+Created: 2024-05-20T00:27:19Z
CreatorComment: This document has been automatically generated.
#####
@@ -671,18 +671,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:importlib-metadata:7.1
PackageName: zipp
SPDXID: SPDXRef-Package-42-zipp
-PackageVersion: 3.18.1
+PackageVersion: 3.18.2
PrimaryPackagePurpose: LIBRARY
-PackageSupplier: Organization: Jason R. Coombs (jaraco@jaraco.com)
-PackageDownloadLocation: https://pypi.org/project/zipp/3.18.1
+PackageSupplier: Organization: Jason R. (jaraco@jaraco.com)
+PackageDownloadLocation: https://pypi.org/project/zipp/3.18.2
FilesAnalyzed: false
-PackageChecksum: SHA1: bfae83474a730e8cc9b8a71027fb859b46b3875c
+PackageChecksum: SHA1: 051250eb0e3024d75e7de09921e4efab074f0112
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Backport of pathlib-compatible object wrapper for zip files
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.18.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r._coombs:zipp:3.18.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/zipp@3.18.2
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:jason_r.:zipp:3.18.2:*:*:*:*:*:*:*
#####
PackageName: jinja2
@@ -706,6 +706,7 @@ PrimaryPackagePurpose: LIBRARY
PackageSupplier: NOASSERTION
PackageDownloadLocation: https://pypi.org/project/MarkupSafe/2.1.5
FilesAnalyzed: false
+PackageChecksum: SHA1: fbba4acd0312826cec9cfe18371c7df07962cb65
PackageLicenseDeclared: BSD-3-Clause
PackageLicenseConcluded: BSD-3-Clause
PackageCopyrightText: NOASSERTION