Did ten minutes digging into some recent issues: > CVE-2021-3507: qemu:qemu-native:qemu-system-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3507 *
No fixes in flight for this. > CVE-2021-35331: tcl:tcl-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35331 * Disputed as the issue is in build-time tooling. > CVE-2021-35942: glibc > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-35942 * Fixed in the upstream 2.33 branch, so easily merged. > CVE-2021-36976: libarchive:libarchive-native > https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-36976 * https://github.com/libarchive/libarchive/issues/1554. Patches in flight. Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#154615): https://lists.openembedded.org/g/openembedded-core/message/154615 Mute This Topic: https://lists.openembedded.org/mt/84747518/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-