[OE-core] [PATCH] dnf: fix Exception handling for class ProcessLock

2024-03-24 Thread Changqing Li
From: Changqing Li
Yocto-based systems will sometimes have log_lock.pid left in target filesystems. Users typing 'ls /' will notice it, and it will never be removed. It happened when log rotate happened, refer to [1], since the problem described in patch 0001-lock.py-fix-Exception-handling.patch,

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

2024-03-24 Thread Rich Persaud
<https://www.darkreading.com/cybersecurity-operations/nist-vuln-database-downshifts-prompting-questions-about-its-future>
Next week, vulnerability researchers will gather for the VulnCon conference in Raleigh, N.C., where an "NVD symposium" is on the agenda. Perhaps more details will emerge then.

[OE-core] OE-core CVE metrics for nanbield on Sun 24 Mar 2024 04:00:01 AM HST

2024-03-24 Thread Steve Sakoman
Branch: nanbield New this week: 11 CVEs CVE-2023-52448 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52448 * CVE-2023-52449 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52449 * CVE-2023-52450 (CVSS3: 5.5

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

2024-03-24 Thread Steve Sakoman
https://www.scmagazine.com/news/update-delays-to-nist-vulnerability-database-alarms-researchers
On Sun, Mar 24, 2024, 4:11 AM Alexander Kanavin wrote:
> I’m getting slightly concerned, no new CVEs second week in a row? Did the
> checker break?
>
> Alex
>
> On Sun 24. Mar 2024 at 12.18, Steve

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

2024-03-24 Thread Alexander Kanavin
I’m getting slightly concerned, no new CVEs second week in a row? Did the checker break?
Alex
On Sun 24. Mar 2024 at 12.18, Steve Sakoman wrote:
> Branch: master
>
> New this week: 0 CVEs
>
> Removed this week: 0 CVEs
>
> Full list: Found 37 unpatched CVEs
> CVE-2019-14899 (CVSS3: 7.4 HIGH):

[OE-core] OE-core CVE metrics for kirkstone on Sun 24 Mar 2024 03:00:01 AM HST

2024-03-24 Thread Steve Sakoman
Branch: kirkstone New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 44 unpatched CVEs CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 * CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native

[OE-core] OE-core CVE metrics for dunfell on Sun 24 Mar 2024 02:00:01 AM HST

2024-03-24 Thread Steve Sakoman
Branch: dunfell New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 110 unpatched CVEs CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 * CVE-2020-25742 (CVSS3: 3.2 LOW):

[OE-core] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

2024-03-24 Thread Steve Sakoman
Branch: master New this week: 0 CVEs Removed this week: 0 CVEs Full list: Found 37 unpatched CVEs CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 * CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto