On Sun, Sep 12, 2021 at 6:05 AM Steve Sakoman via lists.openembedded.org <[email protected]> wrote: > > > > On Sun, Sep 12, 2021, 5:57 AM Richard Purdie > <[email protected]> wrote: >> >> On Sun, 2021-09-12 at 05:01 -1000, Steve Sakoman wrote: >> > Branch: hardknott >> > >> > New this week: 0 CVEs >> > >> > Removed this week: 2 CVEs >> > CVE-2020-27748: xdg-utils >> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27748 * >> > CVE-2021-38185: cpio >> > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38185 * >> >> I'm not sure I believe these numbers as tar CVEs which showed up for dunfell >> and >> master don't show up here. Why? :/ > > > Don't know! Will investigate tomorrow.
I re-ran the hardknott report this morning and it now includes the missing tar cve's (as well as the libsolv, vim, and inetutils cve's we saw in master/dunfell) No idea why these weren't in yesterday's report since they were obviously in the upstream database and appeared in the master and dunfell runs (and hardknott runs last) I've seen this kind of thing once or twice in the past and have never been able to figure out what is going on since it is so intermittent. Steve
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#155980): https://lists.openembedded.org/g/openembedded-core/message/155980 Mute This Topic: https://lists.openembedded.org/mt/85554291/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
