Hi osquery team, based on the version like 5.4.0 a...
# general
w
Hi osquery team, based on the version like 5.4.0 and https://github.com/osquery/osquery/issues?q=is%3Aissue+label%3Acve, can we say all the cve included in the given list are eliminated?
m
We have updated third-party libraries for CVEs since osquery 5.4.0, so I would not assume osquery 5.4.0 is free of CVEs. See recently updated libraries that had CVEs here: https://github.com/osquery/osquery/pulls?q=is%3Apr+label%3Acve
But we didn't start labeling the PRs with
cve
until more recently than osquery 5.4.0 For libraries that were updated in each release of osquery, you can refer to the changelog https://github.com/osquery/osquery/releases