[Buildroot] CVE analysis of the resiprocate package
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Fri Sep 11 08:47:53 UTC 2020
On Fri, 11 Sep 2020 10:30:34 +0200
Gregory CLEMENT <gregory.clement at bootlin.com> wrote:
> Among the 2412 packages there are 121 packages for which CVEs refer to
> minor version.
Could you provide that list, as well as the CPE ID entries that have a
minor version, so that we can get a feeling of what it looks like ?
The question is how to deal with this minor version field. Ignore the
CPE ID when the minor version field is not "*" ? Something else ?
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list