On Sun, Jun 12, 2022, 5:57 AM Robert Joslyn <[email protected]> wrote:
> > > > On Jun 12, 2022, at 6:02 AM, Steve Sakoman <[email protected]> wrote: > > > > Branch: kirkstone > > > > New this week: 5 CVEs > > CVE-2022-1664 (CVSS3: 9.8 CRITICAL): dpkg > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1664 * > > CVE-2022-1927 (CVSS3: 9.8 CRITICAL): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1927 * > > CVE-2022-1942 (CVSS3: 7.8 HIGH): vim > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1942 * > > CVE-2022-26691 (CVSS3: 6.7 MEDIUM): cups > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26691 * > > CVE-2022-27778 (CVSS3: 8.1 HIGH): curl:curl-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27778 * > > CVE-2022-27778 doesn’t apply to the curl versions in kirkstone or dunfell > (master already has the fixed version). It looks like the NVD doesn’t quite > have the right version ranges based on what the curl developers have > published. I’ve sent an email to hopefully get the NVD updated. > Thanks Robert! Steve >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#166826): https://lists.openembedded.org/g/openembedded-core/message/166826 Mute This Topic: https://lists.openembedded.org/mt/91705261/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
