The recipe used in the meta-openembedded is a different dash package compared to the one which has the CVE issue. Package used in meta-openembedded: https://git.kernel.org/pub/scm/utils/dash/dash.git Package with CVE issue: https://github.com/plotly/dash
No action required. This issue can be removed from the CVE list. Ninette Adhikari (1): dash: Update CVE-2024-21485 status meta-oe/recipes-shells/dash/dash_0.5.12.bb | 2 ++ 1 file changed, 2 insertions(+) -- 2.44.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#109891): https://lists.openembedded.org/g/openembedded-devel/message/109891 Mute This Topic: https://lists.openembedded.org/mt/105440873/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
