~sbeattie/ubuntu-cve-tracker/+git/ubuntu-cve-tracker:check-cves_ignore_cache

Last commit made on 2023-04-08
Get this branch:
git clone -b check-cves_ignore_cache https://git.launchpad.net/~sbeattie/ubuntu-cve-tracker/+git/ubuntu-cve-tracker
Only Steve Beattie can upload to this branch. If you are Steve Beattie please log in for upload directions.

Branch merges

Branch information

Name:
check-cves_ignore_cache
Repository:
lp:~sbeattie/ubuntu-cve-tracker/+git/ubuntu-cve-tracker

Recent commits

cea1697... by Steve Beattie

check-cves: add a cache of 5 last ignored reasons

Often times when performing triage I bounce between CVEs of a few
different products from the same vendor that end up being ignored. It's
useful to have roughly a cache of five or so entries, plus the debian
reason if available plus the heuristic guess.

Implement a small cache of previously used reasons for ignoring a cve.
It keeps the ordering the same as before, with the cache entries added
last, orted in most recently used order.

Using this results in things looking like:

   Debian CVE Tracker: NOT-FOR-US: Node sds

  A]dd (or R]epeat), I]gnore forever, S]kip for now, or Q]uit? [ignore]
  Reason to be ignored?
     a) Node sds
     b) sds from
     c) BlogEngine.NET
     d) InHand Networks InRouter302
     e) OpenClinica
     f) Intel(R) NUCs
     g) Check Point Enterprise Endpoint

Signed-off-by: Steve Beattie <email address hidden>
TODO: unit tests. Sorry.

Failed
[SUCCEEDED] unit-tests:0 (build)
[FAILED] check-cves:0 (build)
12 of 2 results
aa22836... by Steve Beattie

CVE-2022-46871: add linusrsctp and related references

Thanks to Alexandre P├ętillon for providing us with this information.

Signed-off-by: Steve Beattie <email address hidden>

29bc4a8... by Steve Beattie

Refresh CVEs (no new CVSS scores)

Signed-off-by: Steve Beattie <email address hidden>

5ab23d3... by Rodrigo Figueiredo Zaiden

merge cve updates from kernel team

Signed-off-by: Rodrigo Figueiredo Zaiden <email address hidden>

798f72d... by Thadeu Lima de Souza Cascardo

kernel/CVE-2023-0386: add break commit

We have allowed unprivileged mounts of overlayfs with our own fixes in the
past. We also need to look into other mitigations for those kernels.

Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>

841ceea... by Thadeu Lima de Souza Cascardo

kernel/CVE-2023-0386: prioritize as high

Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>

836cb80... by Ian Constantin

Updating jammy status to needed

74161b6... by Ian Constantin

Updated release statuses and added patch

ab8deb5... by Thadeu Lima de Souza Cascardo

kernel/CVE-2022-0168: autotriage

Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>

a74349d... by Steve Beattie

Process cves run: triaged 7 CVEs, 90 Ignored, 1 Packages

Packages with new cves:
  bzip3(7)

Signed-off-by: Steve Beattie <email address hidden>