On 14.05.23 at 13:29, Steve Sakoman wrote:
Branch: master
New this week: 3 CVEs
CVE-2022-21227 (CVSS3: 7.5 HIGH): sqlite3:sqlite3-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21227 *
CVE-2023-2426 (CVSS3: 5.5 MEDIUM): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2426 *
CVE-2023-2610 (CVSS3: 7.8 HIGH): vim
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2610 *
The number of vulnerabilities coming from vim week after week, year
after year, is always striking to me. Could it be because of lower code
quality compared to other projects of similar complexity? Could the
situation be better if we supported neovim instead?
Cheers
Michael.
--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#181232):
https://lists.openembedded.org/g/openembedded-core/message/181232
Mute This Topic: https://lists.openembedded.org/mt/98882755/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
