On 04/08/2013 07:54 PM, Richard Purdie wrote:
> On Mon, 2013-04-08 at 19:47 +0300, Radu Moisan wrote:
>> Dropped obolete patches and pulled updates for debian patches
> Isn't there some CVE this upgrade fixes which would be worth a mention
> in here?

With respect to what we had (1.0.0j) Scott pointed out the following

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2686
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0166
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169

Yocto #3965  <https://bugzilla.yoctoproject.org/show_bug.cgi?id=3965>


Radu