On Thu, 2021-12-09 at 04:43 -1000, Steve Sakoman wrote: > On Thu, Dec 9, 2021 at 4:36 AM Tim Orling <[email protected]> wrote: > > > > > > > > On Thu, Dec 9, 2021 at 4:12 AM Marta Rybczynska <[email protected]> > > wrote: > > > > > > On Thu, Dec 9, 2021 at 7:53 AM Tim Orling <[email protected]> wrote: > > > > > > > > From: Richard Purdie <[email protected]> > > > > > > > > The CVE applies to binutils 2.26 and not to gcc so ignore there. > > > > > > > > > > Tim, > > > Have you requested a NVD database change on this one? Or you prefer me to > > > do it? > > > > > I have not. I was simply back-porting the patch from Richard. > > It's always preferable to request a change to the database when it is > wrong. They are usually pretty responsive. > > I'll take the patch for now, and if/when they accept the update we can > remove the exception in master/dunfell.
This one is a little fuzzy. There is an entry for binutils there too and I didn't understand why there was an unversioned gcc entry there with it. It could be our CPE parsing isn't quite right. I may also be referring to gcc the project rather than the component. Regardless, I wanted it off our CVE list! Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#159453): https://lists.openembedded.org/g/openembedded-core/message/159453 Mute This Topic: https://lists.openembedded.org/mt/87607595/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
