Sure, Ross. I will send the patch to backport the "CVE-2021-3782" fix on wayland 1.20.0 version.
Best Regards, Narpat ________________________________ From: Ross Burton <ross.bur...@arm.com> Sent: Friday, October 28, 2022 9:41:28 PM To: Mali, Narpat <narpat.m...@windriver.com> Cc: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org>; Polampalli, Archana <archana.polampa...@windriver.com>; G Pillai, Hari <hari.gpil...@windriver.com>; Alexander Kanavin <a...@linutronix.de>; Alexandre Belloni <alexandre.bell...@bootlin.com> Subject: Re: [OE-core][kirkstone][PATCH 2/2] wayland: update 1.20.0 -> 1.21.0 [Please note: This e-mail is from an EXTERNAL e-mail address] On 28 Oct 2022, at 17:08, Mali, Narpat <narpat.m...@windriver.com> wrote: > > This latest version of wayland 1.21.0 has the fix for "CVE-2021-3782" and in > master branch, it has already been upgraded to latest 1.21.0 version. > Our product is based on "kirkstone" branch and in "kirkstone" branch, it is > still with 1.20.0 version due to which "CVE-2021-3782" is vulnerable. https://gitlab.freedesktop.org/wayland/wayland/-/compare/1.20.0...1.21.0?from_project_id=121 shows that there’s a lot more than the CVE fix in the upgrade. Can you just backport the specific fix? Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#172289): https://lists.openembedded.org/g/openembedded-core/message/172289 Mute This Topic: https://lists.openembedded.org/mt/94629704/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
