On 18 Jun 2023, at 12:20, Steve Sakoman via lists.yoctoproject.org <[email protected]> wrote: > CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
An long-standing issue related to network stacks and so on. Someone needs to spend time deciding if we leave this open or add it to extra-exclusions. > CVE-2023-3141 (CVSS3: 7.1 HIGH): linux-yocto > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3141 * Backported to 6.1.30, exclusion sent. > CVE-2023-33551 (CVSS3: 7.8 HIGH): erofs-utils:erofs-utils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-33551 * > CVE-2023-33552 (CVSS3: 7.8 HIGH): erofs-utils:erofs-utils-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-33552 * Backports sent. Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183100): https://lists.openembedded.org/g/openembedded-core/message/183100 Mute This Topic: https://lists.openembedded.org/mt/99620688/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
