There were 66 entries in the raffle: steve@hexa ~/Desktop $ wc -l cve-raffle.txt 66 cve-raffle.txt
Many thanks to all who participated, this is great progress! And the winner is: steve@hexa ~/Desktop $ shuf -n 1 cve-raffle.txt CVE-2018-25032 Tim Orling <[email protected]> Congratulations Tim! Steve On Mon, Sep 12, 2022 at 6:52 AM Steve Sakoman via lists.openembedded.org <[email protected]> wrote: > > Sadly the CVE count for dunfell has been creeping up over the past > few months. Several people regularly contribute CVE patches for > dunfell and their efforts are much appreciated. But we need more > help! > > To encourage more folks to contribute to this effort I'm going to be > holding a raffle from now through the end of October. You'll get > one entry for each CVE fix patch that I merge into dunfell. And a > CVE database update that results in a reduction in dunfell reported > issues will also get you an entry. > > The prize? A bag of fresh roasted whole bean coffee from my small > coffee orchard here on the Big Island of Hawaii. This coffee won first > prize for the Hamakua District in the 2021 State of Hawaii cupping > competition. If the winner isn't a coffee drinker I'll try to get some > locally grown tea as a substitute prize. > > The fine print: > > 1. Patches and database update requests must be submitted during the > period September 12 through October 31, 2022 to receive a raffle entry. > > 2. CVE patch submissions should follow the guidelines in the "Patch > name convention and commit message" section of > https://wiki.yoctoproject.org/wiki/Security > > 3. If the patch also applies to master please send the patch for > master and note that it should be backported to dunfell/kirkstone as > appropriate. I'll pull this type of patch into dunfell only after it > hits master. > > 4. CVE database update requests should be sent to: > [email protected] You should note the CVE number and provide > supporting links for why you think an update is appropriate. When you > receive a "Thank you for bringing this to our attention. We appreciate > community input" response please forward a copy to me. I'll add your > raffle entry to the pool when the database is updated and the dunfell > cve count reduced. > > 5. To help avoid people working on the same CVE's I'll start a "CVE > raffle: collision avoidance" thread on this list. Just do a quick > reply noting which CVE you plan to work on. Please don't claim one > unless you really intend to follow through! > > Steve > > PS: While CVE patches for master and kirkstone are also much appreciated, > this raffle is intended to help reduce the dunfell CVE count. So only CVE > fixes/database updates that influence the dunfell CVE count will be entered > in the raffle. > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#172364): https://lists.openembedded.org/g/openembedded-core/message/172364 Mute This Topic: https://lists.openembedded.org/mt/94713069/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
