[Buildroot] [PATCH=2020.02.x] package/redis: bump version to 5.0.9

Thomas Petazzoni thomas.petazzoni at bootlin.com
Mon Jun 29 12:07:38 UTC 2020


On Mon, 29 Jun 2020 12:51:02 +0200
Thomas De Schampheleire <patrickdepinguin at gmail.com> wrote:

> Which reminds me of the fact that the package stats and associated CVE
> detection is currently only running on the master branch (that I know of).
> Which means that we are missing the CVE detection on the LTS branch.
> Does it take a lot of resources / Is it hard to do, enabling this on the
> LTS branch too (mostly the CVE part) ?

Running pkg-stats on other branches is really easy, I can make it
generate autobuild.buildroot/stats/2020.02.x.{html,json} for example.

However, what needs a bit more effort is to modify the e-mail
notification script to make use of that.

Note that my colleague Grégory is working on improving the CVE
infrastructure so that you can run a script on your specific Buildroot
version and configuration, and get the list of CVEs you are affected
by. I.e the same results as pkg-stats, but really tailored to your
Buildroot version/configuration. Hopefully Grégory will send the
patches soon.

Best regards,

Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering

More information about the buildroot mailing list