From: Peter Marko <[email protected]> This CVE is fixed by https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1 It is tracked as 'fixed in next version' - 7.1.2 (which does not exist) in NVD DB.
.../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git describe aa673b2e4defc7cad5bec16c4fc8324f71e531f1 --tags 7.1.1-18-4-gaa673b2e4d .../tmp/work/core2-64-poky-linux/imagemagick/7.1.1-43/git$ git tag --contains aa673b2e4defc7cad5bec16c4fc8324f71e531f1 | head -n1 7.1.1-19 Signed-off-by: Peter Marko <[email protected]> --- meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index f692370de0..779bc1fd31 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb @@ -170,3 +170,4 @@ CVE_STATUS[CVE-2017-5506] = "cpe-incorrect: The current version (7.1.1) is not a CVE_STATUS[CVE-2017-5509] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-4" CVE_STATUS[CVE-2017-5510] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-4" CVE_STATUS[CVE-2017-5511] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-3" +CVE_STATUS[CVE-2023-5341] = "fixed-version: this is fixed in 7.1.1-19" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#114566): https://lists.openembedded.org/g/openembedded-devel/message/114566 Mute This Topic: https://lists.openembedded.org/mt/110303089/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
