diff options
author | Ross Burton <ross.burton@arm.com> | 2023-08-25 17:08:30 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-08-30 09:51:43 +0100 |
commit | aac27011172dea37eb3687af57d05c9546b831ae (patch) | |
tree | 781f3b9798d1b1845085ac0b663e9f0fe56a8230 | |
parent | 645066ecec0f52eac0225a144285f44882003856 (diff) | |
download | openembedded-core-aac27011172dea37eb3687af57d05c9546b831ae.tar.gz |
linux-yocto: update CVE exclusions files
No changes to the data, but the version checks are added.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.1.inc | 11 | ||||
-rw-r--r-- | meta/recipes-kernel/linux/cve-exclusion_6.4.inc | 11 |
2 files changed, 20 insertions, 2 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 499785f6d2..ce3a534cf3 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,5 +1,14 @@ + # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-08-21 12:41:13.991251 for version 6.1.43 +# Generated at 2023-08-25 12:42:35.329668 for version 6.1.46" + +python check_kernel_cve_status_version() { + this_version = "6.1.46" + kernel_version = d.getVar("LINUX_VERSION") + if kernel_version != this_version: + bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) +} +do_cve_check[prefuncs] += "check_kernel_cve_status_version" CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2" diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc index b9210724bf..63f0760b2d 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc @@ -1,5 +1,14 @@ + # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-08-21 12:41:33.545124 for version 6.4.9 +# Generated at 2023-08-25 12:42:28.369507 for version 6.4.11" + +python check_kernel_cve_status_version() { + this_version = "6.4.11" + kernel_version = d.getVar("LINUX_VERSION") + if kernel_version != this_version: + bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) +} +do_cve_check[prefuncs] += "check_kernel_cve_status_version" CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2" |