Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

On Mar 28, 2024, at 12:37, Alexander Kanavin wrote: > > On Thu, 28 Mar 2024 at 17:28, Marta Rybczynska wrote: >> I think you weren't there at the weekly meeting when we discussed >> that: it started around Feb 14th and I see that in my data >> (I have a daily report). >> >> To make the story

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

On Thu, 28 Mar 2024 at 17:28, Marta Rybczynska wrote: > I think you weren't there at the weekly meeting when we discussed > that: it started around Feb 14th and I see that in my data > (I have a daily report). > > To make the story short: NVD is close to 0 activity since mid-February > and there

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

On Sun, Mar 24, 2024 at 3:11 PM Alexander Kanavin wrote: > > I’m getting slightly concerned, no new CVEs second week in a row? Did the > checker break? > I think you weren't there at the weekly meeting when we discussed that: it started around Feb 14th and I see that in my data (I have a daily

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

On Sun, Mar 24, 2024 at 3:25 PM Rich Persaud wrote: > > https://www.darkreading.com/cybersecurity-operations/nist-vuln-database-downshifts-prompting-questions-about-its-future > > > Next week, vulnerability researchers will gather for the VulnCon conference > > in Raleigh, N.C., where an "NVD

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

https://www.darkreading.com/cybersecurity-operations/nist-vuln-database-downshifts-prompting-questions-about-its-future> Next week, vulnerability researchers will gather for the VulnCon conference in Raleigh, N.C., where an "NVD symposium" is on the agenda. Perhaps more details will emerge then.   

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

https://www.scmagazine.com/news/update-delays-to-nist-vulnerability-database-alarms-researchers On Sun, Mar 24, 2024, 4:11 AM Alexander Kanavin wrote: > I’m getting slightly concerned, no new CVEs second week in a row? Did the > checker break? > > Alex > > On Sun 24. Mar 2024 at 12.18, Steve

Re: [OE-core] [yocto-security] OE-core CVE metrics for master on Sun 24 Mar 2024 01:00:01 AM HST

I’m getting slightly concerned, no new CVEs second week in a row? Did the checker break? Alex On Sun 24. Mar 2024 at 12.18, Steve Sakoman wrote: > Branch: master > > New this week: 0 CVEs > > Removed this week: 0 CVEs > > Full list: Found 37 unpatched CVEs > CVE-2019-14899 (CVSS3: 7.4 HIGH):