The reasoning is that I didn't see that patch so I could react. It merged but it shouldn't have.
The standard policy is that we're not taking random snapshots in the middle of a development cycle, and there shouldn't be an exception for ncurses. Alex On Wed, 17 May 2023 at 10:33, Florin Diaconescu <florin.diaconescu...@gmail.com> wrote: > > What's the reasoning behind updating ncurses from 6.3 to 6.3+20220423 in > Kirkstone, then? > https://git.yoctoproject.org/poky/commit/meta/recipes-core/ncurses?h=kirkstone&id=e13ce12e4ad79100bd45c751203040ce2a6f1920 > > Looks like they updated for fixing a CVE as well, and they did not backport > the patch on top of 6.3. > "CVE: CVE-2022-29458" > > Florin > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#181478): https://lists.openembedded.org/g/openembedded-core/message/181478 Mute This Topic: https://lists.openembedded.org/mt/98944133/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
