From: Changqing Li
Yocto based systems will sometimes have log_lock.pid left in target
filesystems. Users typing 'ls /' will notice it, and will never be
removed.
It happened when log rotate happened, refer [1], since the problem
descripted in patch 0001-lock.py-fix-Exception-handling.patch,
https://www.darkreading.com/cybersecurity-operations/nist-vuln-database-downshifts-prompting-questions-about-its-future> Next week, vulnerability researchers will gather for the VulnCon conference in Raleigh, N.C., where an "NVD symposium" is on the agenda. Perhaps more details will emerge then.
Branch: nanbield
New this week: 11 CVEs
CVE-2023-52448 (CVSS3: 5.5 MEDIUM): linux-yocto
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52448 *
CVE-2023-52449 (CVSS3: 5.5 MEDIUM): linux-yocto
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52449 *
CVE-2023-52450 (CVSS3: 5.5
https://www.scmagazine.com/news/update-delays-to-nist-vulnerability-database-alarms-researchers
On Sun, Mar 24, 2024, 4:11 AM Alexander Kanavin
wrote:
> I’m getting slightly concerned, no new CVEs second week in a row? Did the
> checker break?
>
> Alex
>
> On Sun 24. Mar 2024 at 12.18, Steve
I’m getting slightly concerned, no new CVEs second week in a row? Did the
checker break?
Alex
On Sun 24. Mar 2024 at 12.18, Steve Sakoman wrote:
> Branch: master
>
> New this week: 0 CVEs
>
> Removed this week: 0 CVEs
>
> Full list: Found 37 unpatched CVEs
> CVE-2019-14899 (CVSS3: 7.4 HIGH):
Branch: kirkstone
New this week: 0 CVEs
Removed this week: 0 CVEs
Full list: Found 44 unpatched CVEs
CVE-2021-35937 (CVSS3: 6.4 MEDIUM): rpm:rpm-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35937 *
CVE-2021-35938 (CVSS3: 6.7 MEDIUM): rpm:rpm-native
Branch: dunfell
New this week: 0 CVEs
Removed this week: 0 CVEs
Full list: Found 110 unpatched CVEs
CVE-2020-15705 (CVSS3: 6.4 MEDIUM): grub:grub-efi:grub-efi-native
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705 *
CVE-2020-25742 (CVSS3: 3.2 LOW):
Branch: master
New this week: 0 CVEs
Removed this week: 0 CVEs
Full list: Found 37 unpatched CVEs
CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto