On Tue, 2022-05-10 at 17:02 +0200, Marta Rybczynska wrote: > On Mon, May 9, 2022 at 4:42 PM Marta Rybczynska via > lists.openembedded.org <[email protected]> > wrote: > > On Mon, May 9, 2022 at 12:40 PM Marta Rybczynska > > <[email protected]> wrote: > > > On Sun, May 8, 2022 at 6:45 PM Richard Purdie > > > <[email protected]> wrote: > > > > On Sun, 2022-05-08 at 13:34 +0100, Richard Purdie via > > > > lists.openembedded.org wrote: > > > > > Includes fixes for CVE-2022-27404, CVE-2022-27405, CVE-2022- > > > > > 27406. > > > > > > > > > > > > > > > > > > I'm amending this to "Include fix for CVE-2022-27404" since > > > > CVE-2022- > > > > 27405 and CVE-2022-27406 were already in 2.12.0. > > > > > > > > I don't think the CVE checker is going to like these as they're > > > > using > > > > dates for these for reasons I don't understand. > > > > > > > > > > > > > > > > > They also include versions in the NVD, but there is no version > > > "non-afected" > > > as of today for CVE-2022-27404. I'll figure out the exact > > > versions for those > > > CVEs and update the NVD in the next hours. > > > > > > Kind regards, > > > Marta > > > > > > > > > Update: the message to NVD has been sent. According to my analysis > > all three > > CVEs have been fixed in 2.12.0. > > > > > The change is up in NVD. The next run of the cve-check should see it.
Great, thanks for sorting that one out, the reports will be much better for it! Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165462): https://lists.openembedded.org/g/openembedded-core/message/165462 Mute This Topic: https://lists.openembedded.org/mt/90973332/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
