From: Peter Korsgaard <peter@korsgaard.com>
To: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
Cc: Romain Naour <romain.naour@gmail.com>,
peter.verbrugge@technolution.nl,
"Yann E. MORIN" <yann.morin.1998@free.fr>,
Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Subject: Re: [Buildroot] [PATCH 1/3] package/glibc: add proper CPE ID version detail
Date: Sun, 07 Jan 2024 23:26:10 +0100 [thread overview]
Message-ID: <87cyuczsot.fsf@48ers.dk> (raw)
In-Reply-To: <20231220200110.1819507-1-thomas.petazzoni@bootlin.com> (Thomas Petazzoni via buildroot's message of "Wed, 20 Dec 2023 21:01:07 +0100")
>>>>> "Thomas" == Thomas Petazzoni via buildroot <buildroot@buildroot.org> writes:
> As reported in bug 15895, the GLIBC_VERSION field having a value
> looking like 2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701, it
> prevents the CPE/CVE matching with the NVD database to work correctly.
> This commit fixes that by defining GLIBC_CPE_ID_VERSION, derived from
> GLIBC_VERSION, by extracting the base version.
> Also, we update GLIBC_IGNORE_CVES to account for the CVEs that have
> clearly been fixed between 2.38 and
> 2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701. There are a number
> of other CVEs still affecting the glibc package, but they are not
> related to this
> 2.38...2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701 range.
> Fixes: #15895
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Committed to 2023.02.x (after adjusting to 2.36.x hashes) and 2023.11.x,
thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
prev parent reply other threads:[~2024-01-07 22:26 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-20 20:01 [Buildroot] [PATCH 1/3] package/glibc: add proper CPE ID version detail Thomas Petazzoni via buildroot
2023-12-20 20:01 ` [Buildroot] [PATCH 2/3] package/glibc: ignore CVEs not considered as security issues by upstream Thomas Petazzoni via buildroot
2023-12-23 10:22 ` Yann E. MORIN
2024-01-07 22:26 ` Peter Korsgaard
2023-12-20 20:01 ` [Buildroot] [PATCH 3/3] package/glibc: ignore CVE-2023-0687, disputed Thomas Petazzoni via buildroot
2023-12-23 10:19 ` Yann E. MORIN
2024-02-06 14:13 ` Thomas Petazzoni via buildroot
2023-12-23 10:20 ` [Buildroot] [PATCH 1/3] package/glibc: add proper CPE ID version detail Yann E. MORIN
2024-01-07 22:26 ` Peter Korsgaard [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87cyuczsot.fsf@48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@buildroot.org \
--cc=peter.verbrugge@technolution.nl \
--cc=romain.naour@gmail.com \
--cc=thomas.petazzoni@bootlin.com \
--cc=yann.morin.1998@free.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.