[Buildroot] [PATCH] package/ripgrep: ignore CVE-2021-3013 as Windows only
Peter Korsgaard
peter at korsgaard.com
Wed Oct 6 15:22:16 UTC 2021
>>>>> "sam" == sam voss <sam.voss at gmail.com> writes:
> From: Sam Voss <sam.voss at gmail.com>
> CVE-2021-3013 does not impact any buildroot versions of ripgrep as it is
> a Windows-only exploit targeting ripgrep versions earlier than 13. It
> can be safely ignored on our LTS branches.
> Signed-off-by: Sam Voss <sam.voss at gmail.com>
> ---
> Note: Please apply this patch to:
> * 2021.02.x
> * 2021.05.x
> * 2021.08.x
> Master currently has version 13, which does not report this CVE.
Committed to 2021.02.x, 2021.05.x and 2021.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list