[Buildroot] [PATCH 1/1] package/ed: annotate CVE-2015-2987

Fabrice Fontaine fontaine.fabrice at gmail.com
Sun Mar 1 20:22:57 UTC 2020


Le dim. 1 mars 2020 à 21:02, Thomas Petazzoni
<thomas.petazzoni at bootlin.com> a écrit :
>
> On Sun,  1 Mar 2020 20:46:37 +0100
> Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:
>
> > CVE-2015-2987 is misclassified (by our CVE tracker) as affecting ed,
> > while in fact it affects Type74 ED (http://type74.org/edman5-1.php).
> >
> > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
>
> Same comment as for smack and argus: we need to add a CPE ID mapping
> mechanism, and not add these IGNORE_CVES entries.
OK, then I'll stop sending patches for those kind of issues ;-)
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com


More information about the buildroot mailing list