Hi Saurabh, On Mon, 2025-08-11 at 11:11 +0000, KATARE, SAURABH [EMR/MSOL/PUNE] wrote: > As part of our ongoing efforts to comply with theEU Cyber Resilience > Act (CRA), we are currently conducting a cybersecurity risk assessment > of third-party software vendors whose products or components are > integrated into our systems. To support this initiative, we kindly > request your input on the following questions related to your software > product "elfutils" with version 0.178.
Note that elfutils version 0.178 is 6 years old and likely contains unresolved bugs. The latest version of elfutils is version 0.193 "Bugs erased, stacks traced". It is recommended to integrate the latest version into your systems. Elfutils isn't a product and the elfutils community isn't a "third party vendor". If you are a commercial manufacturer or importer that wants to put products with digital elements on the EU market, then you are responsible for cybersecurity throughout your product's life cycle. Please see https://sourceware.org/cyber-security-faq.html#eu-cra for some recommendations around the EU CRA. Cheers, Mark
