[OE-core] CVE check using the CVE database: master branch on July 31, 2024

Thu, 01 Aug 2024 00:49:03 -0700 

Hello all,
Here are the results, annotated.

Issues for package openssl-native (version 3.3.1):

       Unpatched: CVE-2024-5535
       Count: 1

Will be fixed by 3.3.2

Issues for package perl-native (version 5.38.2):

       Unpatched: CVE-2023-47039
       Count: 1

Windows, and before 3.52.1. CVE database has an issue: marked as default
status affected (will be fixed in overrides)

Issues for package bind (version 9.18.27):

       Unpatched: CVE-2024-0760 CVE-2024-1737 CVE-2024-1975 CVE-2024-4076
       Count: 4

New vulnerabilities, patch pending on the ML (update to 9.18.28)

Issues for package linux-yocto (version 6.6.35):

       Unpatched: CVE-2024-1086 CVE-2024-40993
       Count: 2

Kernel update needed

Issues for package orc-native (version 0.4.38):

       Unpatched: CVE-2024-40897
       Count: 1

Update needed to 0.4.39

Issues for package tiff (version 4.6.0):

       Unpatched: CVE-2023-3618
       Count: 1

False positive, CVE entry issue, will be fixed in overrides.

Issues for package graphene (version 1.10.8):

       Unpatched: CVE-2024-1984
       Count: 1

False positive, different package is affected, will be fixed.

Issues for package libarchive-native (version 3.7.4):

       Unpatched: CVE-2024-37407
       Count: 1

ADP entry issue, will be fixed in overrides.

Issues for package binutils-testsuite (version 2.42):

       Unpatched: CVE-2023-25585 CVE-2023-25586 CVE-2023-25588
       Count: 3

CVE entry issues, marked affected by default, will be fixed in overrides

Issues for package qemu-system-native (version 9.0.1):

       Unpatched: CVE-2023-1386 CVE-2023-3180 CVE-2023-3354
       Count: 3

CVE entry issues, marked affected by default, will be fixed in overrides

Issues for package curl-native (version 8.8.0):

       Unpatched: CVE-2024-6197 CVE-2024-6874 CVE-2024-7264
       Count: 3


Upgrade needed to 8.9.0

Global issue count: 21

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#202726): 
https://lists.openembedded.org/g/openembedded-core/message/202726
Mute This Topic: https://lists.openembedded.org/mt/107661405/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to