On 11 Jun 2023, at 12:30, Steve Sakoman via lists.openembedded.org <[email protected]> wrote: > CVE-2022-48502 (CVSS3: 7.1 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48502 *
Needs a backport in the kernel. > CVE-2023-2002 (CVSS3: 6.8 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2002 * Fixed in .27, patch just sent to ignore this. > CVE-2023-2598 (CVSS3: 7.8 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2598 * Appears to be 6.3 specific, contacted NIST. > CVE-2023-2985 (CVSS3: 5.5 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-2985 * Fixed in .16, ignoring. > CVE-2023-30571 (CVSS3: 5.3 MEDIUM): libarchive:libarchive-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30571 * Still open. > CVE-2023-32324 (CVSS3: 5.5 MEDIUM): cups > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32324 * Patch already on the list. > CVE-2023-34256 (CVSS3: 5.5 MEDIUM): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34256 * Fixed in 6.1.29, ignoring. Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182674): https://lists.openembedded.org/g/openembedded-core/message/182674 Mute This Topic: https://lists.openembedded.org/mt/99461951/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
