Hello all, The prototype CVE check via the MITRE database is giving the following for scathgap today (adding maintainers of affected packages in copy):
CVE-2024-32002.json: affected: git 2.44.0 CVE-2024-32004.json: affected: git 2.44.0 CVE-2024-32020.json: affected: git 2.44.0 CVE-2024-32021.json: affected: git 2.44.0 CVE-2024-3205.json: affected: libyaml 0.2.5 CVE-2024-32465.json: affected: git 2.44.0 CVE-2024-33599.json: affected glibc 2.39 CVE-2024-33600.json: affected: glibc 2.39 CVE-2024-33601.json: affected: glibc 2.39 CVE-2024-33602.json: affected: glibc 2.39 I would also like to ask for volunteers to help with looking up the following CVEs and submitting fixes to https://github.com/mrybczyn/cvelistV5-overrides/tree/overrides if they are malformed: go: CVE-2024-24788, CVE=2024-24787 aiohttp: CVE-2024-30251 x server: CVE-2024-31053, CVE-2024-31082 bluez: CVE-2023-27349, CVE-2023-50229, CVE-2023-50230 gstreamer: CVE-2023-50186, CVE-2023-44446 less: CVE-2024-32407 ncurses: CVE-2023-45988 ofono: CVE-2023-4234, CVE-2023-4233 If you have any question on how to do that, ask me. Kind regards, Marta
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#199486): https://lists.openembedded.org/g/openembedded-core/message/199486 Mute This Topic: https://lists.openembedded.org/mt/106134181/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
