* yocto-3.1.22/RELEASENOTES
@ 2023-01-23 8:55 Takayasu Ito
2023-01-25 15:10 ` [docs] yocto-3.1.22/RELEASENOTES Richard Purdie
0 siblings, 1 reply; 3+ messages in thread
From: Takayasu Ito @ 2023-01-23 8:55 UTC (permalink / raw)
To: poky; +Cc: docs
I was checking the following RELEASENOTE contents, and the CVE for
cairo vulnerability has already been fixed in 2019 and the change in the
PATCH file is that the status of the upstream PATCH has been changed
from pending to backported.
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.22/RELEASENOTES
--
Takayasu Ito
Yocto Project Ambassador
Solution Department Lineo Solutions, Inc.
https://www.lineo.co.jp/english/
Email: ito@lineo.co.jp
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [docs] yocto-3.1.22/RELEASENOTES
2023-01-23 8:55 yocto-3.1.22/RELEASENOTES Takayasu Ito
@ 2023-01-25 15:10 ` Richard Purdie
2023-01-26 0:14 ` [poky] " Takayasu Ito
0 siblings, 1 reply; 3+ messages in thread
From: Richard Purdie @ 2023-01-25 15:10 UTC (permalink / raw)
To: Takayasu Ito, poky; +Cc: docs
On Mon, 2023-01-23 at 17:55 +0900, Takayasu Ito wrote:
> I was checking the following RELEASENOTE contents, and the CVE for
> cairo vulnerability has already been fixed in 2019 and the change in the
> PATCH file is that the status of the upstream PATCH has been changed
> from pending to backported.
>
> http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.22/RELEASENOTES
>
The patch was updated in:
https://git.yoctoproject.org/poky/commit/?h=dunfell&id=6e97ceb8586281a8d594a3a1ab9e303fd34e1d4a
which seems to match the change log and release notes? It wasn't just
the patch status but the patch itself as well?
Cheers,
Richard
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [poky] [docs] yocto-3.1.22/RELEASENOTES
2023-01-25 15:10 ` [docs] yocto-3.1.22/RELEASENOTES Richard Purdie
@ 2023-01-26 0:14 ` Takayasu Ito
0 siblings, 0 replies; 3+ messages in thread
From: Takayasu Ito @ 2023-01-26 0:14 UTC (permalink / raw)
To: Richard Purdie, poky; +Cc: docs
Considering that the Security Fixes section lists CVEs whose status has
been changed to fixed by this release, I think it is appropriate that
this update to the cairo patch file be listed under Fixes.
On 2023/01/26 0:10, Richard Purdie wrote:
> On Mon, 2023-01-23 at 17:55 +0900, Takayasu Ito wrote:
>> I was checking the following RELEASENOTE contents, and the CVE for
>> cairo vulnerability has already been fixed in 2019 and the change in the
>> PATCH file is that the status of the upstream PATCH has been changed
>> from pending to backported.
>>
>> http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.22/RELEASENOTES
>>
>
> The patch was updated in:
>
> https://git.yoctoproject.org/poky/commit/?h=dunfell&id=6e97ceb8586281a8d594a3a1ab9e303fd34e1d4a
>
> which seems to match the change log and release notes? It wasn't just
> the patch status but the patch itself as well?
>
> Cheers,
>
> Richard
>
>
>
>
>
--
Takayasu Ito
Yocto Project Ambassador
Solution Department Lineo Solutions, Inc.
https://www.lineo.co.jp/english/
Email: ito@lineo.co.jp
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-01-26 0:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-23 8:55 yocto-3.1.22/RELEASENOTES Takayasu Ito
2023-01-25 15:10 ` [docs] yocto-3.1.22/RELEASENOTES Richard Purdie
2023-01-26 0:14 ` [poky] " Takayasu Ito
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).