On 1/29/20 10:09 PM, Huzaifa Sidhpurwala wrote:
Do we want to continue the same condition as described here:
https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmivehind.net%2F2020%2F01%2F28%2FFedora-has-too-many-security-bugs%2F&data=02%7C01%7Cprzemek.klosowski%40nist.gov%7C9ae214a4d4c64560672108d7a531e253%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C637159505983125291&sdata=4Pejm8f%2BrbgzPlnmazM7B78%2FEURwdIX1UitDyK%2FRP3c%3D&reserved=0
For what it's worth, here's the list of most vulnerable components
(2-digit CVE count). Of course Daniel is right that we should consider
the severity (disregard 'low' issues perhaps)---how do you get the
severity in addition to the 8 fields returned by the above bugzilla
search result?
mingw-libtiff 57
xpdf 47
hdf5 40
mingw-sqlite 39
jenkins 36
asterisk 33
matio 33
kernel 31
mingw-openssl 30
LibRaw 26
nodejs 26
binutils 25
libsass 25
mingw-libxml2 25
podofo 23
mingw-jasper 22
nextcloud 22
blender 21
adplug 20
mingw-SDL2 20
sqlite 20
ImageMagick 19
exiv2 19
moodle 19
mingw-curl 18
virglrenderer 18
openjpeg 17
chromium 16
nginx 16
mingw-icu 15
xen 15
edk2 14
mingw-libxslt 13
glpi 12
imlib2 12
libdwarf 12
mingw-libgcrypt 12
mingw-libjpeg-turbo 12
mingw-webkitgtk 12
qemu 12
undertow 12
mongoose 11
python-lmdb 11
bouncycastle 10
jhead 10
libvncserver 10
mingw-expat 10
mingw-libpng 10
mingw-pcre 10
nasm 10
php 10
php-symfony 10
squirrelmail 10
wordpress 10
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
