[Buildroot] [autobuild.buildroot.net] Daily results for 2020-09-06
Nicolas Cavallari
nicolas.cavallari at green-communications.fr
Mon Sep 7 09:47:59 UTC 2020
On 07/09/2020 09:08, Thomas Petazzoni wrote:>
libgit2 | CVE-2014-9390 |
https://security-tracker.debian.org/tracker/CVE-2014-9390
So libgit2 is affected by a 6 year old security vulnerability that has
been fixed before the package was actually introduced in buildroot...
This apparently comes directly from the nvd database, do i wait for it
to be fixed, or should i add it to LIBGIT2_IGNORE_CVES ? The manual
doesn't say anything about this case.
More information about the buildroot
mailing list