On Mon, May 9, 2022 at 4:42 PM Marta Rybczynska via lists.openembedded.org <[email protected]> wrote:
> > > On Mon, May 9, 2022 at 12:40 PM Marta Rybczynska <[email protected]> > wrote: > >> >> >> On Sun, May 8, 2022 at 6:45 PM Richard Purdie < >> [email protected]> wrote: >> >>> On Sun, 2022-05-08 at 13:34 +0100, Richard Purdie via >>> lists.openembedded.org wrote: >>> > Includes fixes for CVE-2022-27404, CVE-2022-27405, CVE-2022-27406. >>> > >>> > >>> >>> I'm amending this to "Include fix for CVE-2022-27404" since CVE-2022- >>> 27405 and CVE-2022-27406 were already in 2.12.0. >>> >>> I don't think the CVE checker is going to like these as they're using >>> dates for these for reasons I don't understand. >>> >>> >> They also include versions in the NVD, but there is no version " >> non-afected" >> as of today for CVE-2022-27404. I'll figure out the exact versions for >> those >> CVEs and update the NVD in the next hours. >> >> Kind regards, >> Marta >> > > Update: the message to NVD has been sent. According to my analysis all > three > CVEs have been fixed in 2.12.0. > The change is up in NVD. The next run of the cve-check should see it. Regards, Marta
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165458): https://lists.openembedded.org/g/openembedded-core/message/165458 Mute This Topic: https://lists.openembedded.org/mt/90973332/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
