Hello everyone, I would like to ask you how to proceed with multiple CVEs for Google Go component in kirkstone branch.
CVEs in current version 1.17.13: - CVE-2022-41722 - CVE-2022-41725 - CVE-2022-41724 - CVE-2022-41723 They are fixed in 1.19.6/1.20.1 branches, but a fixing patches are available for all of them too. Unfortunately there is more then ~1000 changed LOC. So not sure if this is the right approach to apply them. Not sure if the upgrade is acceptable. So how to proceed with this? I know, that they aren't a critical one, but would be nice to have them fixed. Regards, Andrej
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#178089): https://lists.openembedded.org/g/openembedded-core/message/178089 Mute This Topic: https://lists.openembedded.org/mt/97444547/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
