[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: Support required to fix for vulnerable component in busybox
From: Radoslav Kolev <radoslav.kolev () suse ! com>
Date: 2022-06-21 6:47:21
Message-ID: 105f0bd0-3de8-b007-594e-310585228a90 () suse ! com
[Download RAW message or body]
On 6/17/22 4:51 PM, Ulrich Eckhardt wrote:
> That version is pretty old, so I'd upgrade. Also, which
> vulnerability exactly are you referring to, is it already known and
> perhaps patched in the latest version?
Sometimes major version upgrades are not feasible, so patches have to be
backported.
In such cases it would be extremely useful to mention the related CVEs
in the commit message when a commit fixes a security issue.
Unfortunately that's quite rarely seen in the busybox git repo and I,
for one will be thankful to any busybox developer who chooses to do so.
BR,
Radoslav
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic