Hi, I'm not a big fan of commit messages saying that other branch has it fixed. But yes, I forgot to mark the CVE as fixed, so sent a v2.
Peter -----Original Message----- From: Mikko Rapeli <mikko.rap...@linaro.org> Sent: Monday, May 8, 2023 15:35 To: Marko, Peter (ADV D EU SK BFS1) <peter.ma...@siemens.com> Cc: yocto@lists.yoctoproject.org Subject: Re: [yocto] [meta-security][kirkstone][PATCH] tpm2-tss: upgrade to 3.2.2 to fix CVE-2023-22745 > Hi, > > Since master has 4.0.1 and CVE is impacting: > > https://nvd.nist.gov/vuln/detail/CVE-2023-22745 > > "Up to (including) > 4.0.0" > > then I guess master branch and 4.0.1 is not impacted. Would be nice to have > this info in commit message though. > > Cheers, > > -Mikko > > On Mon, May 08, 2023 at 03:23:34PM +0200, Peter Marko via > lists.yoctoproject.org wrote:
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#59906): https://lists.yoctoproject.org/g/yocto/message/59906 Mute This Topic: https://lists.yoctoproject.org/mt/98760863/21656 Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
