I pulled the latest and I see the apache2 version is updated to 2.4.60. But the CVE list <https://autobuilder.yocto.io/pub/non-release/patchmetrics-meta-oe/cve-status-master.txt> still has the following CVEs listed: CVE-2007-0450, CVE-2010-0425 I'll send a new patch against the latest master branch to update status of the CVEs. Thanks! Ninette
On Wed, Jul 3, 2024 at 10:53 AM Khem Raj <[email protected]> wrote: > Please rebase it on latest master and see if it’s still needed > > On Wed, Jul 3, 2024 at 10:44 AM Ninette Adhikari <[email protected]> > wrote: > >> Hi Khem, >> This is meant for the 'master' branch. It is a status update for some >> CVEs. >> I'll make sure to include the branch name in the subject for future >> patches. For this patch, do I need to resend it with an updated subject >> line? Please let me know. Thanks so much! >> >> Ninette >> >> On Wed, Jul 3, 2024 at 9:49 AM Khem Raj <[email protected]> wrote: >> >>> which branch is it for ? >>> Please mark it accordingly in subject line see - >>> >>> https://docs.yoctoproject.org/dev/contributor-guide/submit-changes.html#submitting-changes-to-stable-release-branches >>> >>> On Wed, Jul 3, 2024 at 9:40 AM Ninette Adhikari via >>> lists.openembedded.org >>> <[email protected]> wrote: >>> > >>> > Update status for: CVE-2007-0450, CVE-2010-0425 >>> > >>> > The current version (2.4.59) is not affected. It only applies for >>> Windows. >>> > >>> > Ninette Adhikari (1): >>> > apache2:apache2-native: CVE status update >>> > >>> > meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb | 2 ++ >>> > 1 file changed, 2 insertions(+) >>> > >>> > -- >>> > 2.44.0 >>> > >>> > >>> > >>> > >>> >>
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#111240): https://lists.openembedded.org/g/openembedded-devel/message/111240 Mute This Topic: https://lists.openembedded.org/mt/107022825/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
