Report for review: Triage of CVEs 1-40

($INBOX_DIR/description missing)
 help / color / mirror / Atom feed

From: Ninette Adhikari <ninette@neighbourhood.ie>
To: openembedded-devel@lists.openembedded.org
Cc: engineering@neighbourhood.ie
Subject: Report for review: Triage of CVEs 1-40
Date: Thu, 18 Apr 2024 11:08:55 +0200	[thread overview]
Message-ID: <CAG1aeW3Ciiqh-h6nQoET2rX6DdpcWOOpe=n9BK2gZAsE-mx-xQ@mail.gmail.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 907 bytes --]

Dear OpenEmbedded contributors,

This email contains a review of 40 CVEs from the status list:
https://autobuilder.yocto.io/pub/non-release/patchmetrics-meta-oe/cve-status-master.txt
This work is done as part of "Milestone 1. Triage CVEs 1-40" as stated in
the Scope of Work with Sovereign Tech Fund (STF) (
https://www.sovereigntechfund.de/).

The report is saved as HTML file here:
https://clients.neighbourhood.ie/yocto/1-40.html
We can also provide this in any other format that might be convenient for
you. Please let us know.

The report contains a review of 40 CVEs including the following:
- Package versions affected
- Current package version on 'meta-openembedded'
- Notes on how the CVE can be addressed

Please note that for the CVEs marked as 'invalid', separate patch status
updates have been sent to this mailing-list:
openembedded-devel@lists.openembedded.org.

Thanks,
Neighbourhoodie team

[-- Attachment #2: Type: text/html, Size: 1282 bytes --]

                 reply	other threads:[~2024-04-18  9:09 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAG1aeW3Ciiqh-h6nQoET2rX6DdpcWOOpe=n9BK2gZAsE-mx-xQ@mail.gmail.com' \
    --to=ninette@neighbourhood.ie \
    --cc=engineering@neighbourhood.ie \
    --cc=openembedded-devel@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).