CVE Fix tracking?

Hi there!

We noticed the recent chatter about the “BleedingTeeth” vulnerability in BlueZ and it got me thinking: Is there a way for us to track which CVEs particular versions of balenaOS are vulnerable to? It’d be nice to know when we can expect to be in the clear for vulnerabilities like this.


Hi Mike, we don’t have a list of these that we maintain anywhere, but it is something we have discussed in the past. So, I have taken your note and added it to an internal ticket that we will use for tracking purposes. I have attached this thread to it, so, once we have some sort of a conclusion, we’ll be reminded to ping you back on this. Have a great weekend, thanks!

That’d be great, thanks!