> -----Original Message----- > From: [email protected] > <[email protected]> On Behalf Of Manoj Saun > Sent: den 9 december 2022 07:12 > To: [email protected] > Cc: [email protected]; [email protected]; > [email protected]; Manoj Saun <[email protected]> > Subject: [OE-core] [meta-core][PATCH 1/1] libksba: fix CVE-2022-3515 > > libksba: integer overflow may lead to remote code execution.
May I suggest using the above as subject instead of the current subject? E.g.: libksba: Avoid integer overflow that may lead to remote code execution It is much more informative about what the commit actually does than the CVE number. The CVE reference below should be enough for anyone looking for more information. > > Reference: > https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html > > Upstream-Status: Backport > [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=4b7d9cd4a018898d7714ce06f3faf2626c14582b] > > CVE: CVE-2022-3515 > > Signed-off-by: Manoj Saun <[email protected]> //Peter
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174435): https://lists.openembedded.org/g/openembedded-core/message/174435 Mute This Topic: https://lists.openembedded.org/mt/95533228/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
