On 28 Oct 2022, at 17:08, Mali, Narpat <narpat.m...@windriver.com> wrote: > > This latest version of wayland 1.21.0 has the fix for "CVE-2021-3782" and in > master branch, it has already been upgraded to latest 1.21.0 version. > Our product is based on "kirkstone" branch and in "kirkstone" branch, it is > still with 1.20.0 version due to which "CVE-2021-3782" is vulnerable.
https://gitlab.freedesktop.org/wayland/wayland/-/compare/1.20.0...1.21.0?from_project_id=121 shows that there’s a lot more than the CVE fix in the upgrade. Can you just backport the specific fix? Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#172265): https://lists.openembedded.org/g/openembedded-core/message/172265 Mute This Topic: https://lists.openembedded.org/mt/94629704/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
