On 1/16/23 6:53 AM, Valek, Andrej wrote:
Hi all,
The reason, why I'm asking especially like this, is that the problem is
inside the bundled zlib library. The "official" solution for fixing
(https://nvd.nist.gov/vuln/detail/CVE-2022-37434) is to update the
bundled zlib (https://github.com/grpc/
Hi all,
The reason, why I'm asking especially like this, is that the problem is
inside the bundled zlib library. The "official" solution for fixing
(https://nvd.nist.gov/vuln/detail/CVE-2022-37434) is to update the
bundled zlib (https://github.com/grpc/grpc/pull/31595) library, which
shouldn't be
On 2023-01-11 13:27, Khem Raj via lists.openembedded.org wrote:
On Wed, Jan 11, 2023 at 10:07 AM Steve Sakoman wrote:
Hi Andrej,
I'm the maintainer for openembedded-core, and gRPC is in
meta-openmebedded. So this isn't my call to make.
However we typically only take version bumps if they are
On Wed, Jan 11, 2023 at 10:07 AM Steve Sakoman wrote:
>
> Hi Andrej,
>
> I'm the maintainer for openembedded-core, and gRPC is in
> meta-openmebedded. So this isn't my call to make.
>
> However we typically only take version bumps if they are security/bug
> fix only releases. So if this is the ca
Hi Andrej,
I'm the maintainer for openembedded-core, and gRPC is in
meta-openmebedded. So this isn't my call to make.
However we typically only take version bumps if they are security/bug
fix only releases. So if this is the case, you can submit a patch.
But please be sure to include either rele
Hello Steve,
I have a question about gRPC. Would it be possible to backport
gRPC(grpc_1.50.1.bb) from master to kirkstone branch? There are some
CVEs reported (for the current version) and going to newer version
would be better solution I guess.
Thank you,
Andrej
-=-=-=-=-=-=-=-=-=-=-=-
Links: Y
