Re: [OE-core] OE-core CVE metrics for hardknott on Sun 12 Sep 2021 05:00:01 AM HST

[Anuj Mittal]

Can we also set commercial flag while generating this list so recipes
like ffmpeg are also picked up?

Thanks,

Anuj

On Sun, 2021-09-12 at 05:01 -1000, Steve Sakoman wrote:
> Branch: hardknott
> 
> New this week: 0 CVEs
> 
> Removed this week: 2 CVEs
> CVE-2020-27748: xdg-utils
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27748 *
> CVE-2021-38185: cpio
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38185 *
> 
> Full list:  Found 27 unpatched CVEs
> CVE-2013-0340: expat:expat-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0340 *
> CVE-2019-12067: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12067 *
> CVE-2019-6293: flex:flex-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6293 *
> CVE-2019-6470: bind
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6470 *
> CVE-2020-18974: nasm:nasm-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18974 *
> CVE-2020-29623: webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-29623 *
> CVE-2020-35503: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35503 *
> CVE-2021-0129: bluez5
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0129 *
> CVE-2021-1765: webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1765 *
> CVE-2021-1789: webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1789 *
> CVE-2021-1799: webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1799 *
> CVE-2021-1801: webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1801 *
> CVE-2021-1870: webkitgtk
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1870 *
> CVE-2021-20196: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20196 *
> CVE-2021-20255: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20255 *
> CVE-2021-22922: curl:curl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22922 *
> CVE-2021-22923: curl:curl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22923 *
> CVE-2021-29923: go
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-29923 *
> CVE-2021-31810: ruby:ruby-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31810 *
> CVE-2021-31879: wget
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31879 *
> CVE-2021-32066: ruby:ruby-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-32066 *
> CVE-2021-3445: libdnf
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3445 *
> CVE-2021-3507: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 *
> CVE-2021-35331: tcl:tcl-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35331 *
> CVE-2021-3682: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3682 *
> CVE-2021-36976: libarchive
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36976 *
> CVE-2021-3713: qemu:qemu-native:qemu-system-native
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3713 *
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#156070): 
https://lists.openembedded.org/g/openembedded-core/message/156070
Mute This Topic: https://lists.openembedded.org/mt/85552991/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-