Dear OpenEmbedded contributors, This email contains a review of the remaining CVEs from the status list: https://autobuilder.yocto.io/pub/non-release/patchmetrics-meta-oe/cve-status-master.txt This work is done as part of "Milestones 3, 4, 5 and 6. Triage CVEs" as stated in the Scope of Work with Sovereign Tech Fund (STF) ( https://www.sovereigntechfund.de/).
The reports are saved as HTML files here: - Milestone 3: https://clients.neighbourhood.ie/yocto/81-120.html - Milestone 4: https://clients.neighbourhood.ie/yocto/121-160.html - Milestone 5: https://clients.neighbourhood.ie/yocto/161-200.html - Milestone 6: https://clients.neighbourhood.ie/yocto/201-221.html The reports contains a review of the CVEs including the following: - Package versions affected - Current package version on 'meta-openembedded' - Notes on how the CVE can be addressed Please note that for the CVEs marked as 'invalid', separate patch status updates have been sent to this mailing-list: openembedded-devel@lists.openembedded.org. The collection of all emails we've sent to NIST are saved here https://clients.neighbourhood.ie/yocto/NIST.html We can also provide this in any other format that might be convenient for you. Please let us know. Thanks, Neighbourhoodie team -- The Neighbourhoodie Software GmbH Harzer Straße 39, 12059 Berlin neighbourhood.ie Handelsregister HRB 157851 B Amtsgericht Charlottenburg Geschäftsführung: Jan Lehnardt, Simone Haas
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#111251): https://lists.openembedded.org/g/openembedded-devel/message/111251 Mute This Topic: https://lists.openembedded.org/mt/107034729/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-