* [Buildroot] CVE-2023-40548 version range fix
@ 2024-03-04 7:10 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2024-03-04 7:10 UTC (permalink / raw)
To: nvd; +Cc: buildroot
Dear NVD maintainers,
Your entry at https://nvd.nist.gov/vuln/detail/CVE-2023-40548 for
CVE-2023-40548 states that the affected CPE ID is
cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:* Up to (including) 15.8
But actually, the bug was fixed in shim 15.8:
https://github.com/rhboot/shim/commit/96dccc255b16e9465dbee50b3cef6b3db74d11c8
And the CVE is also listed in the 15.8 release notes:
https://github.com/rhboot/shim/releases/tag/15.8
So it should be < 15.8. Do you think you could adjust the NVD entry for
this CVE ?
Thanks a lot in advance!
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-03-04 7:10 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-04 7:10 [Buildroot] CVE-2023-40548 version range fix Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.