rand>
>> --
>> *From:* openembedded-core@lists.openembedded.org <
>> openembedded-core@lists.openembedded.org> on behalf of Steve Sakoman via
>> lists.openembedded.org
>> *Sent:* Wednesday, September 15, 2021 12:38 AM
>> *To
ent:* Wednesday, September 15, 2021 12:38 AM
> *To:* Steve Sakoman
> *Cc:* Patches and discussions about the oe-core layer <
> openembedded-core@lists.openembedded.org>
> *Subject:* Re: [OE-core] [PATCH] [master] [dunfell] [hardknott] Revert
> "db: update CVE_PRODUC
dnesday, September 15, 2021 12:38 AM
To: Steve Sakoman
Cc: Patches and discussions about the oe-core layer
Subject: Re: [OE-core] [PATCH] [master] [dunfell] [hardknott] Revert "db:
update CVE_PRODUCT"
Caution: This email originated from outside of the KPIT. Do not click links or
On Tue, 2021-09-14 at 15:32 -1000, Steve Sakoman wrote:
>
>
> On Tue, Sep 14, 2021, 3:15 PM Mittal, Anuj
> wrote:
> > On Tue, 2021-09-14 at 08:03 -1000, Steve Sakoman wrote:
> > > The CVE database correctly reports CVEs for oracle_berkley_db and
> > > berkley_db. We use the oracle_berkley_db
On Tue, Sep 14, 2021, 3:15 PM Mittal, Anuj wrote:
> On Tue, 2021-09-14 at 08:03 -1000, Steve Sakoman wrote:
> > The CVE database correctly reports CVEs for oracle_berkley_db and
> > berkley_db. We use the oracle_berkley_db source tree and therefore
> > should only check for oracle_berkely_db
On Tue, 2021-09-14 at 08:03 -1000, Steve Sakoman wrote:
> The CVE database correctly reports CVEs for oracle_berkley_db and
> berkley_db. We use the oracle_berkley_db source tree and therefore
> should only check for oracle_berkely_db CVEs. Otherwise the scanner
> falsely reports CVEs that are
On Tue, Sep 14, 2021 at 8:41 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> On Tue, Sep 14, 2021 at 8:04 AM Steve Sakoman via
> lists.openembedded.org
> wrote:
> >
> > The CVE database correctly reports CVEs for oracle_berkley_db and
> > berkley_db. We use the oracle_berkley_db source
On Tue, Sep 14, 2021 at 8:04 AM Steve Sakoman via
lists.openembedded.org
wrote:
>
> The CVE database correctly reports CVEs for oracle_berkley_db and
> berkley_db. We use the oracle_berkley_db source tree and therefore
> should only check for oracle_berkely_db CVEs. Otherwise the scanner
>
The CVE database correctly reports CVEs for oracle_berkley_db and
berkley_db. We use the oracle_berkley_db source tree and therefore
should only check for oracle_berkely_db CVEs. Otherwise the scanner
falsely reports CVEs that are fixed in oracle_berkley_db
This reverts commit