mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-17 01:46:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1562 from flatcar-linux/kai/changelog-security-format

Browse Source 
changelog/README.md: specify current security fix section format
This commit is contained in:
Kai Lüke 2022-01-12 17:28:15 +01:00 committed by GitHub
commit df2c3ace99
8 changed files with 15 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sdk_container/src/third_party/coreos-overlay/changelog/README.md vendored
View File

@ -29,3 +29,11 @@ As `Updates` refer to the package updates, contents of the file should be of
the following format: `- Package Name ([Version](link to changelog))`. Example:
`- Linux ([5.10.77](https://lwn.net/Articles/874852/))`. Note the leading dash
that will create a bullet list in the rendered markdown.
The security section follows this format:
```
- Package Name ([CVE-NUMBER](NIST-LINK), [CVE-NUMBER](NIST-LINK), ...)
```
E.g., `Linux ([CVE-2021-4002](https://nvd.nist.gov/vuln/detail/CVE-2021-4002), [CVE-2020-27820](https://nvd.nist.gov/vuln/detail/CVE-2020-27820))`.

3
sdk_container/src/third_party/coreos-overlay/changelog/security/2021-11-30-golang-text-ignition.md vendored
View File

@ -1,2 +1 @@
- [CVE-2020-14040](https://nvd.nist.gov/vuln/detail/CVE-2020-14040)
- [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561)
- Ignition ([CVE-2020-14040](https://nvd.nist.gov/vuln/detail/CVE-2020-14040), [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561))

19
sdk_container/src/third_party/coreos-overlay/changelog/security/2021-12-02-qemu-6.1.md vendored
View File

@ -1,18 +1 @@
- [CVE-2020-35504](https://nvd.nist.gov/vuln/detail/CVE-2020-35504)
- [CVE-2020-35505](https://nvd.nist.gov/vuln/detail/CVE-2020-35505)
- [CVE-2020-35506](https://nvd.nist.gov/vuln/detail/CVE-2020-35506)
- [CVE-2020-35517](https://nvd.nist.gov/vuln/detail/CVE-2020-35517)
- [CVE-2021-20203](https://nvd.nist.gov/vuln/detail/CVE-2021-20203)
- [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255)
- [CVE-2021-20257](https://nvd.nist.gov/vuln/detail/CVE-2021-20257)
- [CVE-2021-20263](https://nvd.nist.gov/vuln/detail/CVE-2021-20263)
- [CVE-2021-3409](https://nvd.nist.gov/vuln/detail/CVE-2021-3409)
- [CVE-2021-3416](https://nvd.nist.gov/vuln/detail/CVE-2021-3416)
- [CVE-2021-3527](https://nvd.nist.gov/vuln/detail/CVE-2021-3527)
- [CVE-2021-3544](https://nvd.nist.gov/vuln/detail/CVE-2021-3544)
- [CVE-2021-3545](https://nvd.nist.gov/vuln/detail/CVE-2021-3545)
- [CVE-2021-3546](https://nvd.nist.gov/vuln/detail/CVE-2021-3546)
- [CVE-2021-3582](https://nvd.nist.gov/vuln/detail/CVE-2021-3582)
- [CVE-2021-3607](https://nvd.nist.gov/vuln/detail/CVE-2021-3607)
- [CVE-2021-3608](https://nvd.nist.gov/vuln/detail/CVE-2021-3608)
- [CVE-2021-3682](https://nvd.nist.gov/vuln/detail/CVE-2021-3682)
- QEMU ([CVE-2020-35504](https://nvd.nist.gov/vuln/detail/CVE-2020-35504), [CVE-2020-35505](https://nvd.nist.gov/vuln/detail/CVE-2020-35505), [CVE-2020-35506](https://nvd.nist.gov/vuln/detail/CVE-2020-35506), [CVE-2020-35517](https://nvd.nist.gov/vuln/detail/CVE-2020-35517), [CVE-2021-20203](https://nvd.nist.gov/vuln/detail/CVE-2021-20203), [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255), [CVE-2021-20257](https://nvd.nist.gov/vuln/detail/CVE-2021-20257), [CVE-2021-20263](https://nvd.nist.gov/vuln/detail/CVE-2021-20263), [CVE-2021-3409](https://nvd.nist.gov/vuln/detail/CVE-2021-3409), [CVE-2021-3416](https://nvd.nist.gov/vuln/detail/CVE-2021-3416), [CVE-2021-3527](https://nvd.nist.gov/vuln/detail/CVE-2021-3527), [CVE-2021-3544](https://nvd.nist.gov/vuln/detail/CVE-2021-3544), [CVE-2021-3545](https://nvd.nist.gov/vuln/detail/CVE-2021-3545), [CVE-2021-3546](https://nvd.nist.gov/vuln/detail/CVE-2021-3546), [CVE-2021-3582](https://nvd.nist.gov/vuln/detail/CVE-2021-3582), [CVE-2021-3607](https://nvd.nist.gov/vuln/detail/CVE-2021-3607), [CVE-2021-3608](https://nvd.nist.gov/vuln/detail/CVE-2021-3608), [CVE-2021-3682](https://nvd.nist.gov/vuln/detail/CVE-2021-3682))

4
sdk_container/src/third_party/coreos-overlay/changelog/security/2021-12-03-mantle-golang-crypto-text.md vendored
View File

@ -1,3 +1 @@
- [CVE-2021-3121](https://nvd.nist.gov/vuln/detail/CVE-2021-3121)
- [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561)
- [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565)
- SDK: mantle ([CVE-2021-3121](https://nvd.nist.gov/vuln/detail/CVE-2021-3121), [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561), [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565))

3
sdk_container/src/third_party/coreos-overlay/changelog/security/2021-12-03-torcx-golang-crypto-text.md vendored
View File

@ -1,2 +1 @@
- [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561)
- [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565)
- torcx ([CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561), [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565))

3
sdk_container/src/third_party/coreos-overlay/changelog/security/2021-12-09-golang-1.17.5.md vendored
View File

@ -1,2 +1 @@
- [CVE-2021-44716](https://nvd.nist.gov/vuln/detail/CVE-2021-44716)
- [CVE-2021-44717](https://nvd.nist.gov/vuln/detail/CVE-2021-44717)
- Go ([CVE-2021-44716](https://nvd.nist.gov/vuln/detail/CVE-2021-44716), [CVE-2021-44717](https://nvd.nist.gov/vuln/detail/CVE-2021-44717))

2
sdk_container/src/third_party/coreos-overlay/changelog/security/2021-12-09-openssh-8.8.md vendored
View File

@ -1 +1 @@
- [CVE-2021-41617](https://nvd.nist.gov/vuln/detail/CVE-2021-41617)
- OpenSSH ([CVE-2021-41617](https://nvd.nist.gov/vuln/detail/CVE-2021-41617))

2
sdk_container/src/third_party/coreos-overlay/changelog/security/2022-01-07-containerd-1.5.9.md vendored
View File

@ -1 +1 @@
- [CVE-2021-43816](https://nvd.nist.gov/vuln/detail/CVE-2021-43816)
- containerd ([CVE-2021-43816](https://nvd.nist.gov/vuln/detail/CVE-2021-43816))