diff --git a/sbom/cve-bin-tool-py3.8.json b/sbom/cve-bin-tool-py3.8.json index c9e2fd66cc..a664a2838d 100644 --- a/sbom/cve-bin-tool-py3.8.json +++ b/sbom/cve-bin-tool-py3.8.json @@ -2,10 +2,10 @@ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", - "serialNumber": "urn:uuid:83ff8d54-242d-458c-bf11-2b5ea6e02d5c", + "serialNumber": "urn:uuid:bc112257-5e89-4898-95bc-ba411056a8d5", "version": 1, "metadata": { - "timestamp": "2024-10-14T00:41:41Z", + "timestamp": "2024-10-21T00:38:42Z", "lifecycles": [ { "phase": "build" @@ -1865,7 +1865,7 @@ "type": "library", "bom-ref": "38-cryptography", "name": "cryptography", - "version": "43.0.1", + "version": "43.0.3", "supplier": { "name": "The cryptography developers The Python Cryptographic Authority and individual contributors", "contact": [ @@ -1874,7 +1874,7 @@ } ] }, - "cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:*", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.", "licenses": [ { @@ -1888,12 +1888,12 @@ "comment": "Home page for project" }, { - "url": "https://pypi.org/project/cryptography/43.0.1/#files", + "url": "https://pypi.org/project/cryptography/43.0.3/#files", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/cryptography@43.0.1", + "purl": "pkg:pypi/cryptography@43.0.3", "properties": [ { "name": "language", @@ -3564,7 +3564,7 @@ "type": "library", "bom-ref": "73-setuptools", "name": "setuptools", - "version": "75.1.0", + "version": "75.2.0", "supplier": { "name": "Python Packaging Authority", "contact": [ @@ -3573,16 +3573,16 @@ } ] }, - "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:*", "description": "Easily download, build, install, upgrade, and uninstall Python packages", "externalReferences": [ { - "url": "https://pypi.org/project/setuptools/75.1.0/#files", + "url": "https://pypi.org/project/setuptools/75.2.0/#files", "type": "distribution", "comment": "Download location for component" } ], - "purl": "pkg:pypi/setuptools@75.1.0", + "purl": "pkg:pypi/setuptools@75.2.0", "properties": [ { "name": "language", diff --git a/sbom/cve-bin-tool-py3.8.spdx b/sbom/cve-bin-tool-py3.8.spdx index 867ffd8108..87e23e8dac 100644 --- a/sbom/cve-bin-tool-py3.8.spdx +++ b/sbom/cve-bin-tool-py3.8.spdx @@ -2,10 +2,10 @@ SPDXVersion: SPDX-2.3 DataLicense: CC0-1.0 SPDXID: SPDXRef-DOCUMENT DocumentName: Python-cve-bin-tool -DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-0c7d24a8-300c-48d3-bd3c-d8512d945bd4 +DocumentNamespace: http://spdx.org/spdxdocs/Python-cve-bin-tool-31326d6d-bbe6-44f9-b106-9f12af5fb249 LicenseListVersion: 3.22 Creator: Tool: sbom4python-0.11.3 -Created: 2024-10-14T00:39:45Z +Created: 2024-10-21T00:37:49Z CreatorComment: This document has been automatically generated. ##### @@ -632,18 +632,18 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_pyopenssl_developers:pyopenssl:24. PackageName: cryptography SPDXID: SPDXRef-38-cryptography -PackageVersion: 43.0.1 +PackageVersion: 43.0.3 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: The cryptography developers The Python Cryptographic Authority and individual contributors (cryptography-dev@python.org) -PackageDownloadLocation: https://pypi.org/project/cryptography/43.0.1/#files +PackageDownloadLocation: https://pypi.org/project/cryptography/43.0.3/#files FilesAnalyzed: false PackageHomePage: https://github.com/pyca/cryptography PackageLicenseDeclared: Apache-2.0 OR BSD-3-Clause PackageLicenseConcluded: Apache-2.0 OR BSD-3-Clause PackageCopyrightText: NOASSERTION PackageSummary: cryptography is a package which provides cryptographic recipes and primitives to Python developers. -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cryptography@43.0.1 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.1:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/cryptography@43.0.3 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:the_cryptography_developers_the_python_cryptographic_authority_and_individual_contributors:cryptography:43.0.3:*:*:*:*:*:*:* ##### PackageName: cffi @@ -1208,17 +1208,17 @@ ExternalRef: SECURITY cpe23Type cpe:2.3:a:sean_ross:rpmfile:2.1.0:*:*:*:*:*:*:* PackageName: setuptools SPDXID: SPDXRef-73-setuptools -PackageVersion: 75.1.0 +PackageVersion: 75.2.0 PrimaryPackagePurpose: LIBRARY PackageSupplier: Organization: Python Packaging Authority (distutils-sig@python.org) -PackageDownloadLocation: https://pypi.org/project/setuptools/75.1.0/#files +PackageDownloadLocation: https://pypi.org/project/setuptools/75.2.0/#files FilesAnalyzed: false PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageCopyrightText: NOASSERTION PackageSummary: Easily download, build, install, upgrade, and uninstall Python packages -ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.1.0 -ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.1.0:*:*:*:*:*:*:* +ExternalRef: PACKAGE_MANAGER purl pkg:pypi/setuptools@75.2.0 +ExternalRef: SECURITY cpe23Type cpe:2.3:a:python_packaging_authority:setuptools:75.2.0:*:*:*:*:*:*:* ##### PackageName: toml