Note that the New and Removed sections are empty this week on purpose. I've updated the script and wanted to avoid a bunch of confusing noise in these sections. The Full list is valid of course.
The old script only associated a single package with each CVE (and somewhat randomly depending on how it traversed the cve results directory - in the case of multiple hits per cve whichever package was encountered last was the one reported). I've fixed this bug and the script now reports all hits on each CVE, most often -native and/or -system-native in addition to the target package. Next week the New and Removed sections should once again be valid. Steve On Sun, Feb 21, 2021 at 8:02 AM <[email protected]> wrote: > > Branch: master > > New this week: > > Removed this week: > > Full list: Found 50 unpatched CVEs > CVE-2000-0006: strace > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0006 * > CVE-2000-0803: groff:groff-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0803 * > CVE-2005-0238: epiphany > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0238 * > CVE-2007-0998: qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0998 * > CVE-2007-2379: jquery > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2379 * > CVE-2007-2768: openssh > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2768 * > CVE-2007-4476: tar > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4476 * > CVE-2008-0888: unzip:unzip-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0888 * > CVE-2008-3188: libxcrypt > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3188 * > CVE-2008-3844: openssh > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3844 * > CVE-2008-4178: builder > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4178 * > CVE-2008-4539: qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4539 * > CVE-2010-4226: cpio > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4226 * > CVE-2010-4756: glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4756 * > CVE-2011-1548: logrotate > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1548 * > CVE-2011-1549: logrotate > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1549 * > CVE-2011-1550: logrotate > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1550 * > CVE-2013-0221: coreutils:coreutils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0221 * > CVE-2013-0222: coreutils:coreutils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0222 * > CVE-2013-0223: coreutils:coreutils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0223 * > CVE-2013-0800: pixman:pixman-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0800 * > CVE-2013-4235: shadow:shadow-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4235 * > CVE-2013-4342: xinetd > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342 * > CVE-2013-6629: ghostscript:ghostscript-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6629 * > CVE-2013-7381: libnotify > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7381 * > CVE-2015-7313: tiff > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7313 * > CVE-2016-2781: coreutils:coreutils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2781 * > CVE-2016-6328: libexif > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6328 * > CVE-2017-3139: bind > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3139 * > CVE-2017-5957: qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5957 * > CVE-2018-1000041: librsvg:librsvg-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000041 * > CVE-2018-12433: openssl:openssl-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12433 * > CVE-2018-12437: openssl:openssl-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12437 * > CVE-2018-12438: openssl:openssl-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12438 * > CVE-2018-18438: qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18438 * > CVE-2019-1010022: glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022 * > CVE-2019-1010023: glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010023 * > CVE-2019-1010024: glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010024 * > CVE-2019-1010025: glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010025 * > CVE-2019-14865: grub:grub-efi:grub-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14865 * > CVE-2019-6293: flex:flex-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293 * > CVE-2019-6470: bind > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6470 * > CVE-2020-12352: bluez5 > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12352 * > CVE-2020-15705: grub:grub-efi:grub-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * > CVE-2020-24490: bluez5 > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24490 * > CVE-2020-29509: go > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29509 * > CVE-2020-29511: go > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29511 * > CVE-2020-35517: qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35517 * > CVE-2020-3810: apt > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-3810 * > CVE-2021-26937: screen > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26937 *
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#148399): https://lists.openembedded.org/g/openembedded-core/message/148399 Mute This Topic: https://lists.openembedded.org/mt/80805773/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
