ji
From: Marta Rybczynska
Sent: Wednesday, October 4, 2023 12:59 PM
To: Matsunaga, Shinji/松永 慎司
Cc: Richard Purdie ; OE-core
Subject: Re: [OE-core] [PATCH] cve-check: Classify patched CVEs into 3 statuses
On Thu, 21 Sept 2023, 11:03 Matsunaga-Shinji,
mailto:shin.matsun...@fujitsu.com>>
t; lists.openembedded.org
> Sent: Thursday, September 21, 2023 11:03
> To: richard.pur...@linuxfoundation.org
> Cc: openembedded-core@lists.openembedded.org; shin.matsun...@fujitsu.com
> Subject: [OE-core] [PATCH] cve-check: Classify patched CVEs into 3 statuses
>
> > CVEs that are curr
On Thu, 21 Sept 2023, 11:03 Matsunaga-Shinji,
wrote:
> CVEs that are currently considered "Patched" are classified into the
> following 3 statuses:
> 1. "Patched" - means that a patch file that fixed the vulnerability
> has been applied
> 2. "Out of range" - means that the package version
atched"
Shinji
-Original Message-
From: Marko, Peter
Sent: Thursday, September 21, 2023 6:46 PM
To: Matsunaga, Shinji/松永 慎司 ;
richard.pur...@linuxfoundation.org
Cc: openembedded-core@lists.openembedded.org
Subject: RE: [OE-core] [PATCH] cve-check: Classify patched CVEs into 3 statuses
We have
Original Message-
From: openembedded-core@lists.openembedded.org
On Behalf Of Matsunaga-Shinji via
lists.openembedded.org
Sent: Thursday, September 21, 2023 11:03
To: richard.pur...@linuxfoundation.org
Cc: openembedded-core@lists.openembedded.org; shin.matsun...@fujitsu.com
Subject: [OE-cor
CVEs that are currently considered "Patched" are classified into the following
3 statuses:
1. "Patched" - means that a patch file that fixed the vulnerability has
been applied
2. "Out of range" - means that the package version (PV) is not subject to the
vulnerability
3. "Undecidable" -