On Mon, 15 May 2023 at 10:17, Michael Opdenacker via lists.yoctoproject.org <[email protected]> wrote: > > New this week: 3 CVEs > > CVE-2022-21227 (CVSS3: 7.5 HIGH): sqlite3:sqlite3-native > > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21227 * > > CVE-2023-2426 (CVSS3: 5.5 MEDIUM): vim > > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2426 * > > CVE-2023-2610 (CVSS3: 7.8 HIGH): vim > > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2610 * > > > The number of vulnerabilities coming from vim week after week, year > after year, is always striking to me. Could it be because of lower code > quality compared to other projects of similar complexity? Could the > situation be better if we supported neovim instead?
They have some kind of bounty program going. nano please :) I tend to agree, there is no reason to carry specifically vim as 'an editor for quick config file hacks on the target'. Alex
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#181234): https://lists.openembedded.org/g/openembedded-core/message/181234 Mute This Topic: https://lists.openembedded.org/mt/98899279/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
