Created attachment 8701 [details] hypertext Steps to reproduce: $ cat <<EOF > .config > BR2_LINUX_KERNEL=y > BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y > EOF $ make pkg-stats In my case, there are 110 CVEs linked to linux package, while most of them or none at all are related. The last three entries in CVEs column: https://security-tracker.debian.org/tracker/CVE-2013-2032 - mediawiki https://security-tracker.debian.org/tracker/CVE-2014-3250 - puppet https://security-tracker.debian.org/tracker/CVE-2014-4909 - transmission
Thanks a lot for your bug report! Could you try with the patch series at https://patchwork.ozlabs.org/project/buildroot/list/?series=218648 applied, and see if it improves things ?
The mentioned patch series seems to help with the CVEs flood for linux package. However, I find it odd to see in which order the CVEs column gets sorted now: - In ascending order: "yellow - orange - green", but i'd expect "orange - yellow - green" - In descending order: "green - orange - yellow" instead of "green - yellow - orange" (See attached image for illustration)
(The screenshot is 0.5M, attaching the link to external storage) https://imgur.com/a/LNEyaHR
Thanks for your feedback. This sorting is just doing alphabetic sorting I believe, so it doesn't make much sense for CVEs. It's a bit like sorting the "Current version" or "Latest version" columns: it doesn't do anything useful. We should perhaps disable the sorting on some columns.
Thank you for your report. The issue tracker for the Buildroot project has been moved to the Gitlab.com issue tracker: https://gitlab.com/buildroot.org/buildroot/-/issues We are taking this opportunity to close old issues in this old tracker. If you believe your issue is still relevant, please open one in the new issue tracker. Thank you!