diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json
index c9e2fd66cc..a664a2838d 100644
--- a/sbom/cve-bin-tool-py3.8.json
+++ b/sbom/cve-bin-tool-py3.8.json
@@ -2,10 +2,10 @@
"$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
- "serialNumber": "urn:uuid:83ff8d54-242d-458c-bf11-2b5ea6e02d5c",
+ "serialNumber": "urn:uuid:bc112257-5e89-4898-95bc-ba411056a8d5",
"version": 1,
"metadata": {
- "timestamp": "2024-10-14T00:41:41Z",
+ "timestamp": "2024-10-21T00:38:42Z",
"lifecycles": [
{
"phase": "build"
@@ -1865,7 +1865,7 @@
"type": "library",
"bom-ref": "38-cryptography",
"name": "cryptography",
- "version": "43.0.1",
+ "version": "43.0.3",
"supplier": {
"name": "The cryptography developers The Python Cryptographic Authority and individual contributors",
"contact": [
@@ -1874,7 +1874,7 @@
}
]
},
- "cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*",
"description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.",
"licenses": [
{
@@ -1888,12 +1888,12 @@
"comment": "Home page for project"
},
{
- "url": "https://pypi.org/project/cryptography/43.0.1/#files",
+ "url": "https://pypi.org/project/cryptography/43.0.3/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/cryptography@43.0.1",
+ "purl": "pkg:pypi/cryptography@43.0.3",
"properties": [
{
"name": "language",
@@ -3564,7 +3564,7 @@
"type": "library",
"bom-ref": "73-setuptools",
"name": "setuptools",
- "version": "75.1.0",
+ "version": "75.2.0",
"supplier": {
"name": "Python Packaging Authority",
"contact": [
@@ -3573,16 +3573,16 @@
}
]
},
- "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:*",
+ "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:*",
"description": "Easily download, build, install, upgrade, and uninstall Python packages",
"externalReferences": [
{
- "url": "https://pypi.org/project/setuptools/75.1.0/#files",
+ "url": "https://pypi.org/project/setuptools/75.2.0/#files",
"type": "distribution",
"comment": "Download location for component"
}
],
- "purl": "pkg:pypi/setuptools@75.1.0",
+ "purl": "pkg:pypi/setuptools@75.2.0",
"properties": [
{
"name": "language",
diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx
index 867ffd8108..87e23e8dac 100644
--- a/sbom/cve-bin-tool-py3.8.spdx
+++ b/sbom/cve-bin-tool-py3.8.spdx
@@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3
DataLicense: CC0-1.0
SPDXID: SPDXRef-DOCUMENT
DocumentName: Python-cve-bin-tool
-DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-0c7d24a8-300c-48d3-bd3c-d8512d945bd4
+DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-31326d6d-bbe6-44f9-b106-9f12af5fb249
LicenseListVersion: 3.22
Creator: Tool: sbom4python-0.11.3
-Created: 2024-10-14T00:39:45Z
+Created: 2024-10-21T00:37:49Z
CreatorComment: This document has been automatically generated.
#####
@@ -632,18 +632,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24.
PackageName: cryptography
SPDXID: SPDXRef-38-cryptography
-PackageVersion: 43.0.1
+PackageVersion: 43.0.3
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org)
-PackageDownloadLocation: https://pypi.org/project/cryptography/43.0.1/#files
+PackageDownloadLocation: https://pypi.org/project/cryptography/43.0.3/#files
FilesAnalyzed: false
PackageHomePage: https://github.com/pyca/cryptography
PackageLicenseDeclared: Apache-2.0 OR BSD-3-Clause
PackageLicenseConcluded: Apache-2.0 OR BSD-3-Clause
PackageCopyrightText: NOASSERTION
PackageSummary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cryptography@43.0.1
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cryptography@43.0.3
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*
#####
PackageName: cffi
@@ -1208,17 +1208,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:*
PackageName: setuptools
SPDXID: SPDXRef-73-setuptools
-PackageVersion: 75.1.0
+PackageVersion: 75.2.0
PrimaryPackagePurpose: LIBRARY
PackageSupplier: Organization: Python Packaging Authority (distutils-sig@python.org)
-PackageDownloadLocation: https://pypi.org/project/setuptools/75.1.0/#files
+PackageDownloadLocation: https://pypi.org/project/setuptools/75.2.0/#files
FilesAnalyzed: false
PackageLicenseDeclared: NOASSERTION
PackageLicenseConcluded: NOASSERTION
PackageCopyrightText: NOASSERTION
PackageSummary: Easily download, build, install, upgrade, and uninstall Python packages
-ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.1.0
-ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:*
+ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.2.0
+ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:*
#####
PackageName: toml