On 10/25/2017 07:40 AM, akuster808 wrote:
On 10/23/2017 03:29 AM, Alexander Kanavin wrote:
On 10/23/2017 10:44 AM, Li Zhou wrote:
Porting patch from <https://github.com/curl/curl/commit/
5ff2c5ff25750aba1a8f64fbcad8e5b891512584> to solve CVE-2017-1000254.
It's better to update to latest version (7.56) instead of backporting
patches, please do that.
Then these should be stagged for Rocko. Work has been done.
Only if master is also fixed at the same time (or sooner) - there cannot
be a situation where something is fixed in rocko, but not in master. I'm
fine if it's via CVE backports, but I would prefer a version upgrade.
Alex
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
