[CentOS-devel] Do we know the reason why this below listed CVEs will not be fixed For elfutils-libelf, elfutils-libs and elfutils pakages ?

John R. Dennison jrd at gerdesas.com
Fri Jun 29 06:11:53 UTC 2018


On Fri, Jun 29, 2018 at 05:43:04AM +0000, Veetil, Vyshnav wrote:
> Do we know the reason why this below listed CVEs will not be fixed
> For elfutils-libelf,elfutils-libs and elfutils pakages ?
> 1.CVE-2017-7607
> 2.CVE-2017-7608
> 3.CVE-2017-7609
> 4.CVE-2017-7610
> 5.CVE-2017-7611
> 6.CVE-2017-7612
> 7.CVE-2017-7613

Probably because they are all marked as Low impact.  Past that you will
need to ask Redhat as the project only rebuilds upstream sources.





							John
-- 
The best inheritance a parent can give to his children is a few minutes of
their time each day.

-- Orlando Aloysius Battista (1917-1995), Canadian-American chemist and author



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20180629/fd10bd22/attachment.sig>


More information about the CentOS-devel mailing list