From: Alexander Kanavin <alexander.kanavin@linux.intel.com>
To: openembedded-core@lists.openembedded.org
Subject: Re: [PATCH 6/7] webkitgtk: update to 2.10.7
Date: Tue, 16 Feb 2016 16:34:29 +0200
Message-ID: <56C33375.4040200@linux.intel.com>
In-Reply-To: <56BCDC10.8050901@gmail.com>
On 02/11/2016 09:08 PM, akuster808 wrote:
> this update includes:
>
>
> CVE-2015-7096
> Versions affected: WebKitGTK+ before 2.10.5.
>
> CVE-2015-7098
> Versions affected: WebKitGTK+ before 2.10.5.
>
>
> http://webkitgtk.org/security.html
Yes, which means that jethro (which has 2.8.5) needs the same update.
Generally, this manual check for vulnerabilities is error-prone and
doesn't scale. We really should automate CVE checks (using
cve-check-tool or something similar) when doing package builds, I'll try
to look if it's feasible. There's been an open bug for a long time:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=7515
Alex