* [Buildroot] CVE-2023-40548 version range fix
@ 2024-03-04 7:10 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2024-03-04 7:10 UTC (permalink / raw)
To: nvd; +Cc: buildroot
Dear NVD maintainers,
Your entry at https://nvd.nist.gov/vuln/detail/CVE-2023-40548 for
CVE-2023-40548 states that the affected CPE ID is
cpe:2.3:a:redhat:shim:*:*:*:*:*:*:*:* Up to (including) 15.8
But actually, the bug was fixed in shim 15.8:
https://github.com/rhboot/shim/commit/96dccc255b16e9465dbee50b3cef6b3db74d11c8
And the CVE is also listed in the 15.8 release notes:
https://github.com/rhboot/shim/releases/tag/15.8
So it should be < 15.8. Do you think you could adjust the NVD entry for
this CVE ?
Thanks a lot in advance!
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-03-04 7:10 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-04 7:10 [Buildroot] CVE-2023-40548 version range fix Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox