* OE-core CVE metrics for master on Sun 01 Sep 2024 01:00:01 AM HST
@ 2024-09-01 11:18 steve
2024-09-02 13:25 ` [yocto-security] " Richard Purdie
0 siblings, 1 reply; 3+ messages in thread
From: steve @ 2024-09-01 11:18 UTC (permalink / raw)
To: openembedded-core, yocto-security
Branch: master
New this week: 0 CVEs
Removed this week: 25 CVEs
CVE-2019-14899 (CVSS3: 7.4 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14899 *
CVE-2021-3714 (CVSS3: 5.9 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3714 *
CVE-2021-3864 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3864 *
CVE-2022-0400 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0400 *
CVE-2022-1247 (CVSS3: 7.0 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1247 *
CVE-2022-38096 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38096 *
CVE-2022-4543 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4543 *
CVE-2023-1386 (CVSS3: 7.8 HIGH): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-1386 *
CVE-2023-3397 (CVSS3: 6.3 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3397 *
CVE-2023-3640 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3640 *
CVE-2023-4010 (CVSS3: 4.6 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4010 *
CVE-2023-51767 (CVSS3: 7.0 HIGH): openssh https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51767 *
CVE-2023-6238 (CVSS3: 6.7 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6238 *
CVE-2023-6240 (CVSS3: 6.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6240 *
CVE-2023-6535 (CVSS3: 7.5 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6535 *
CVE-2024-32928 (CVSS3: 5.9 MEDIUM): curl:curl-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-32928 *
CVE-2024-35325 (CVSS3: N/A): libyaml:libyaml-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-35325 *
CVE-2024-42262 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-42262 *
CVE-2024-42263 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-42263 *
CVE-2024-42268 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-42268 *
CVE-2024-42269 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-42269 *
CVE-2024-42270 (CVSS3: 5.5 MEDIUM): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-42270 *
CVE-2024-42271 (CVSS3: 7.8 HIGH): linux-yocto https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-42271 *
CVE-2024-6505 (CVSS3: 6.8 MEDIUM): qemu:qemu-native:qemu-system-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-6505 *
CVE-2024-7592 (CVSS3: 7.5 HIGH): python3:python3-native https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-7592 *
Full list: Found 0 unpatched CVEs
Summary of CVE counts by recipe:
For further information see: https://autobuilder.yocto.io/pub/non-release/patchmetrics/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [yocto-security] OE-core CVE metrics for master on Sun 01 Sep 2024 01:00:01 AM HST
2024-09-01 11:18 OE-core CVE metrics for master on Sun 01 Sep 2024 01:00:01 AM HST steve
@ 2024-09-02 13:25 ` Richard Purdie
2024-09-02 13:44 ` Marta Rybczynska
0 siblings, 1 reply; 3+ messages in thread
From: Richard Purdie @ 2024-09-02 13:25 UTC (permalink / raw)
To: steve, openembedded-core, yocto-security
On Sun, 2024-09-01 at 01:18 -1000, Steve Sakoman via lists.yoctoproject.org wrote:
> Full list: Found 0 unpatched CVEs
Much as I wish that were true... :/
Cheers,
Richard
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [yocto-security] OE-core CVE metrics for master on Sun 01 Sep 2024 01:00:01 AM HST
2024-09-02 13:25 ` [yocto-security] " Richard Purdie
@ 2024-09-02 13:44 ` Marta Rybczynska
0 siblings, 0 replies; 3+ messages in thread
From: Marta Rybczynska @ 2024-09-02 13:44 UTC (permalink / raw)
To: richard.purdie; +Cc: steve, openembedded-core, yocto-security
[-- Attachment #1: Type: text/plain, Size: 916 bytes --]
NVD's certificate has expired. At this moment some servers have the new
one, some the old one. Expect strange issues.
Mata
On Mon, Sep 2, 2024 at 3:25 PM Richard Purdie via lists.yoctoproject.org
<richard.purdie=linuxfoundation.org@lists.yoctoproject.org> wrote:
> On Sun, 2024-09-01 at 01:18 -1000, Steve Sakoman via
> lists.yoctoproject.org wrote:
> > Full list: Found 0 unpatched CVEs
>
> Much as I wish that were true... :/
>
> Cheers,
>
> Richard
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#1245):
> https://lists.yoctoproject.org/g/yocto-security/message/1245
> Mute This Topic: https://lists.yoctoproject.org/mt/108208321/5827677
> Group Owner: yocto-security+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/yocto-security/unsub [
> rybczynska@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>
[-- Attachment #2: Type: text/html, Size: 1853 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-09-02 13:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-09-01 11:18 OE-core CVE metrics for master on Sun 01 Sep 2024 01:00:01 AM HST steve
2024-09-02 13:25 ` [yocto-security] " Richard Purdie
2024-09-02 13:44 ` Marta Rybczynska
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox