From 55e36198d24b99c525dfec4981c7d1cb66b62445 Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Thu, 7 Sep 2023 16:30:42 +0100 Subject: [PATCH] linux: update CVE exclusions (From OE-Core rev: 5f9a2d44ba5f3c24bdee0e31051a9187eb6d6476) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie --- meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 8 ++++---- meta/recipes-kernel/linux/cve-exclusion_6.4.inc | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 5988327103..41ee8bcad5 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-09-05 05:17:33.070404+00:00 for version 6.1.46 +# Generated at 2023-09-07 15:29:54.983415+00:00 for version 6.1.51 python check_kernel_cve_status_version() { - this_version = "6.1.46" + this_version = "6.1.51" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -4966,9 +4966,9 @@ CVE_STATUS[CVE-2023-3611] = "cpe-stable-backport: Backported in 6.1.40" # CVE-2023-37454 has no known resolution -# CVE-2023-3772 needs backporting (fixed from 6.1.47) +CVE_STATUS[CVE-2023-3772] = "cpe-stable-backport: Backported in 6.1.47" -# CVE-2023-3773 needs backporting (fixed from 6.1.47) +CVE_STATUS[CVE-2023-3773] = "cpe-stable-backport: Backported in 6.1.47" CVE_STATUS[CVE-2023-3776] = "cpe-stable-backport: Backported in 6.1.40" diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc index 712794428d..5a5eb9a755 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-09-05 05:17:35.599561+00:00 for version 6.4.11 +# Generated at 2023-09-07 15:30:03.897686+00:00 for version 6.4.14 python check_kernel_cve_status_version() { - this_version = "6.4.11" + this_version = "6.4.14" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -4966,9 +4966,9 @@ CVE_STATUS[CVE-2023-3611] = "cpe-stable-backport: Backported in 6.4.5" # CVE-2023-37454 has no known resolution -# CVE-2023-3772 needs backporting (fixed from 6.4.12) +CVE_STATUS[CVE-2023-3772] = "cpe-stable-backport: Backported in 6.4.12" -# CVE-2023-3773 needs backporting (fixed from 6.4.12) +CVE_STATUS[CVE-2023-3773] = "cpe-stable-backport: Backported in 6.4.12" CVE_STATUS[CVE-2023-3776] = "cpe-stable-backport: Backported in 6.4.5"