diff options
author | Ross Burton <ross.burton@arm.com> | 2023-10-23 15:05:53 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-10-23 15:48:02 +0100 |
commit | e586c9ddc86b6d35c651cecd3be22b3e43306ecf (patch) | |
tree | c6235186dac8f0bdd1f8d6fe61619cb5f7fa4dd7 | |
parent | d3f536b3fc3f7027f6f5cf8bdaf5d7c050c7974b (diff) | |
download | openembedded-core-contrib-e586c9ddc86b6d35c651cecd3be22b3e43306ecf.tar.gz |
linux-yocto: update CVE exclusions
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 46 | ||||
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.5.inc | 40 |
2 files changed, 77 insertions, 9 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 6af53b0d75..3f708b0cc5 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,6 +1,6 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-10-14 12:24:32.747058+00:00 for version 6.1.57 +# Generated at 2023-10-23 14:03:17.479563+00:00 for version 6.1.57 python check_kernel_cve_status_version() { this_version = "6.1.57" @@ -3354,7 +3354,7 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9" CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4" -# CVE-2020-27418 has no known resolution +CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5" CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1" @@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7" # CVE-2023-31084 needs backporting (fixed from 6.4rc3) -# CVE-2023-31085 has no known resolution +CVE_STATUS[CVE-2023-31085] = "cpe-stable-backport: Backported in 6.1.57" CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" @@ -4936,6 +4936,8 @@ CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29" CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.1.44" +CVE_STATUS[CVE-2023-34324] = "cpe-stable-backport: Backported in 6.1.57" + CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39" @@ -5004,6 +5006,16 @@ CVE_STATUS[CVE-2023-3866] = "cpe-stable-backport: Backported in 6.1.36" CVE_STATUS[CVE-2023-3867] = "cpe-stable-backport: Backported in 6.1.40" +CVE_STATUS[CVE-2023-39189] = "cpe-stable-backport: Backported in 6.1.54" + +# CVE-2023-39191 needs backporting (fixed from 6.3rc1) + +CVE_STATUS[CVE-2023-39192] = "cpe-stable-backport: Backported in 6.1.53" + +CVE_STATUS[CVE-2023-39193] = "cpe-stable-backport: Backported in 6.1.53" + +CVE_STATUS[CVE-2023-39194] = "cpe-stable-backport: Backported in 6.1.47" + CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42" # CVE-2023-4010 has no known resolution @@ -5012,6 +5024,8 @@ CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43" CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45" +# CVE-2023-40791 needs backporting (fixed from 6.5rc6) + CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45" CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39" @@ -5032,7 +5046,7 @@ CVE_STATUS[CVE-2023-4207] = "cpe-stable-backport: Backported in 6.1.45" CVE_STATUS[CVE-2023-4208] = "cpe-stable-backport: Backported in 6.1.45" -# CVE-2023-4244 needs backporting (fixed from 6.5rc7) +CVE_STATUS[CVE-2023-4244] = "cpe-stable-backport: Backported in 6.1.56" CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45" @@ -5040,8 +5054,12 @@ CVE_STATUS[CVE-2023-42752] = "cpe-stable-backport: Backported in 6.1.53" CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.1.53" +CVE_STATUS[CVE-2023-42754] = "cpe-stable-backport: Backported in 6.1.56" + CVE_STATUS[CVE-2023-42755] = "cpe-stable-backport: Backported in 6.1.55" +CVE_STATUS[CVE-2023-42756] = "fixed-version: only affects 6.4rc6 onwards" + CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18" @@ -5050,23 +5068,39 @@ CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3" CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3" +CVE_STATUS[CVE-2023-44466] = "cpe-stable-backport: Backported in 6.1.40" + CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18" -# CVE-2023-4563 needs backporting (fixed from 6.5rc6) +CVE_STATUS[CVE-2023-4563] = "cpe-stable-backport: Backported in 6.1.56" CVE_STATUS[CVE-2023-4569] = "cpe-stable-backport: Backported in 6.1.47" +CVE_STATUS[CVE-2023-45862] = "cpe-stable-backport: Backported in 6.1.18" + +CVE_STATUS[CVE-2023-45863] = "cpe-stable-backport: Backported in 6.1.16" + +CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53" + +# CVE-2023-45898 needs backporting (fixed from 6.6rc1) + +# CVE-2023-4610 has no known resolution + CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" # CVE-2023-4622 needs backporting (fixed from 6.5rc1) CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53" +CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" + CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54" CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" # CVE-2023-5158 has no known resolution -# CVE-2023-5197 needs backporting (fixed from 6.6rc3) +CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56" + +CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56" diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc index dbcfdcd31c..69cf790844 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc @@ -1,6 +1,6 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-10-14 12:24:32.683888+00:00 for version 6.5.7 +# Generated at 2023-10-23 14:03:24.529766+00:00 for version 6.5.7 python check_kernel_cve_status_version() { this_version = "6.5.7" @@ -3354,7 +3354,7 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9" CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4" -# CVE-2020-27418 has no known resolution +CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5" CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1" @@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7" CVE_STATUS[CVE-2023-31084] = "fixed-version: Fixed from version 6.4rc3" -# CVE-2023-31085 has no known resolution +# CVE-2023-31085 needs backporting (fixed from 6.6rc5) CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" @@ -4936,6 +4936,8 @@ CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed from version 6.4rc2" CVE_STATUS[CVE-2023-34319] = "fixed-version: Fixed from version 6.5rc6" +# CVE-2023-34324 needs backporting (fixed from 6.6rc6) + CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" CVE_STATUS[CVE-2023-35001] = "fixed-version: Fixed from version 6.5rc2" @@ -5004,6 +5006,16 @@ CVE_STATUS[CVE-2023-3866] = "fixed-version: Fixed from version 6.4" CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5rc1" +# CVE-2023-39189 needs backporting (fixed from 6.6rc1) + +CVE_STATUS[CVE-2023-39191] = "fixed-version: Fixed from version 6.3rc1" + +# CVE-2023-39192 needs backporting (fixed from 6.6rc1) + +# CVE-2023-39193 needs backporting (fixed from 6.6rc1) + +CVE_STATUS[CVE-2023-39194] = "fixed-version: Fixed from version 6.5rc7" + CVE_STATUS[CVE-2023-4004] = "fixed-version: Fixed from version 6.5rc3" # CVE-2023-4010 has no known resolution @@ -5012,6 +5024,8 @@ CVE_STATUS[CVE-2023-4015] = "fixed-version: Fixed from version 6.5rc4" CVE_STATUS[CVE-2023-40283] = "fixed-version: Fixed from version 6.5rc1" +CVE_STATUS[CVE-2023-40791] = "fixed-version: Fixed from version 6.5rc6" + CVE_STATUS[CVE-2023-4128] = "fixed-version: Fixed from version 6.5rc5" CVE_STATUS[CVE-2023-4132] = "fixed-version: Fixed from version 6.5rc1" @@ -5040,8 +5054,12 @@ CVE_STATUS[CVE-2023-4273] = "fixed-version: Fixed from version 6.5rc5" # CVE-2023-42753 needs backporting (fixed from 6.6rc1) +# CVE-2023-42754 needs backporting (fixed from 6.6rc3) + CVE_STATUS[CVE-2023-42755] = "fixed-version: Fixed from version 6.3rc1" +# CVE-2023-42756 needs backporting (fixed from 6.6rc3) + CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18" @@ -5050,18 +5068,32 @@ CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3" CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3" +CVE_STATUS[CVE-2023-44466] = "fixed-version: Fixed from version 6.5rc2" + CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18" CVE_STATUS[CVE-2023-4563] = "fixed-version: Fixed from version 6.5rc6" CVE_STATUS[CVE-2023-4569] = "fixed-version: Fixed from version 6.5rc7" +CVE_STATUS[CVE-2023-45862] = "fixed-version: Fixed from version 6.3rc1" + +CVE_STATUS[CVE-2023-45863] = "fixed-version: Fixed from version 6.3rc1" + +# CVE-2023-45871 needs backporting (fixed from 6.6rc1) + +# CVE-2023-45898 needs backporting (fixed from 6.6rc1) + +# CVE-2023-4610 has no known resolution + CVE_STATUS[CVE-2023-4611] = "fixed-version: Fixed from version 6.5rc4" CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1" # CVE-2023-4623 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" + # CVE-2023-4881 needs backporting (fixed from 6.6rc1) # CVE-2023-4921 needs backporting (fixed from 6.6rc1) @@ -5070,3 +5102,5 @@ CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1" # CVE-2023-5197 needs backporting (fixed from 6.6rc3) +# CVE-2023-5345 needs backporting (fixed from 6.6rc4) + |