On 9 February 2016 at 10:33, Alexander Kanavin < alexander.kana...@linux.intel.com> wrote:
> On 02/09/2016 03:29 AM, Armin Kuster wrote: > >> From: Armin Kuster <akus...@mvista.com> >> >> Signed-off-by: Armin Kuster <akus...@mvista.com> >> --- >> .../nettle/nettle-3.1.1/CVE-2015-8804.patch | 281 >> +++++++++++++++++++++ >> meta/recipes-support/nettle/nettle_3.1.1.bb | 1 + >> > > Why not update to latest upstream (3.2) instead? Yes, if both of these CVEs are fixed in 3.2 then master should upgrade (with stable branches getting the patches if deemed severe enough). Ross
-- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
