On Sun, Sep 10, 2023 at 8:54 AM Marta Rybczynska <rybczyn...@gmail.com> wrote:
> > > On Sun, 10 Sept 2023, 17:14 Khem Raj, <raj.k...@gmail.com> wrote: > >> On Sun, Sep 10, 2023 at 4:18 AM Steve Sakoman <st...@sakoman.com> wrote: >> > >> > Branch: master >> > >> > New this week: 10 CVEs >> > CVE-2022-3563 (CVSS3: 5.7 MEDIUM): bluez5 >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3563 * >> > CVE-2022-3637 (CVSS3: 5.5 MEDIUM): bluez5 >> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3637 * >> >> These two are addressed in the 5.69 release which is already in >> master. So I wonder how the CVE scanner missed it. > > > The NVD entry does not include any version numbers, so all bluez versions > are matched as vulnerable. Have you mailed them? Can do it if you haven't. > I have not so please go ahead > Kind regards, > Marta >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#187471): https://lists.openembedded.org/g/openembedded-core/message/187471 Mute This Topic: https://lists.openembedded.org/mt/101270898/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-