From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: "Raphaël Mélotte" <raphael.melotte@mind.be>
Cc: "Angelo Compagnucci" <angelo.compagnucci@gmail.com>,
"Raphaël Mélotte via buildroot" <buildroot@buildroot.org>
Subject: Re: [Buildroot] [PATCH 1/1] package/apparmor: ignore CVE-2016-1585
Date: Wed, 23 Apr 2025 17:37:25 +0200 [thread overview]
Message-ID: <20250423173725.35e2ccba@windsurf> (raw)
In-Reply-To: <da0254de-812c-493b-ae1f-e96e399179ed@mind.be>
Hello Raphaël,
On Wed, 23 Apr 2025 17:32:48 +0200
Raphaël Mélotte <raphael.melotte@mind.be> wrote:
> No, I haven't.
> I've made such reports in the past and I get the impression that
> while they sometimes do get processed, sometimes they don't (or with
> a long delay?).
On my side, they always replied, but with a huge delay.
That being said, I'm sure you're aware that federal agencies in the US
are these days having some sort of troubles in getting their funding,
which might explain some of the slowness :-)
> That's a good point, I don't think pkg-stats reports such issues with
> our CVE entries yet so we have no way to find and remove those
> entries.
>
> I gave it a quick try:
> https://patchwork.ozlabs.org/project/buildroot/patch/20250423152906.1017522-1-raphael.melotte@mind.be/
Super nice! Out of curiosity, do we have stale entries as of today?
But with that in place, I would definitely be more keen to accept
IGNORE_CVES entries for things that ultimately should be fixed in NVD's
database.
Best regards,
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2025-04-23 15:37 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-14 14:11 [Buildroot] [PATCH 1/1] package/apparmor: ignore CVE-2016-1585 Raphaël Mélotte via buildroot
2025-04-19 14:05 ` Thomas Petazzoni via buildroot
2025-04-23 15:32 ` Raphaël Mélotte via buildroot
2025-04-23 15:37 ` Thomas Petazzoni via buildroot [this message]
2025-04-23 15:57 ` Raphaël Mélotte via buildroot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250423173725.35e2ccba@windsurf \
--to=buildroot@buildroot.org \
--cc=angelo.compagnucci@gmail.com \
--cc=raphael.melotte@mind.be \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox