summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
diff options
context:
space:
mode:
authorPatrick Williams <patrick@stwcx.xyz>2024-03-01 23:30:19 +0300
committerPatrick Williams <patrick@stwcx.xyz>2024-03-02 00:24:34 +0300
commit7363086d8a6f87f6c162a314937f1c2e3c063b42 (patch)
treef37b4996342d0af75369338b4a1a0fc416c5feeb /poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
parentd4fa64b8fbad9ed7bef03090adec4a99cf9ecd5b (diff)
downloadopenbmc-nanbield.tar.xz
subtree updatesnanbield
meta-arm: 79c52afe74..9a4ae38e84: Emekcan Aras (1): arm-bsp/optee: Improve PIN counter handling robustness Harsimran Singh Tungal (2): corstone1000:arm-bsp/tftf: Fix tftf tests on mps3 arm-bsp/tf-a-tests: fix corstone1000 Ross Burton (2): arm-bsp/documentation: upgrade Sphinx slightly CI: use https: to fetch meta-virtualization meta-openembedded: 2da6e1b0e4..da9063bdfb: Changqing Li (2): postgresql: upgrade 15.4 -> 15.5 redis: upgrade 6.2.13 -> 6.2.14 Khem Raj (1): webkitgtk3: upgrade 2.42.0 -> 2.42.1 Meenali Gupta (1): nginx: upgrade 1.25.2 -> 1.25.3 Mingli Yu (1): mariadb: Upgrade to 10.11.6 Wang Mingyu (5): strongswan: upgrade 5.9.12 -> 5.9.13 webkitgtk3: upgrade 2.42.1 -> 2.42.2 webkitgtk3: upgrade 2.42.2 -> 2.42.3 webkitgtk3: upgrade 2.42.3 -> 2.42.4 libssh: upgrade 0.10.5 -> 0.10.6 Yi Zhao (1): samba: upgrade 4.18.8 -> 4.18.9 poky: 61a59d00a0..1a5c00f00c: Alassane Yattara (1): bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer Alexander Kanavin (2): glibc-y2038-tests: do not run tests using 32 bit time APIs icon-naming-utils: take tarball from debian Alexander Sverdlin (1): linux-firmware: upgrade 20231030 -> 20231211 Anuj Mittal (2): base-passwd: upgrade 3.6.2 -> 3.6.3 glib-2.0: upgrade 2.78.1 -> 2.78.3 Baruch Siach (1): contributor-guide: fix lore URL Benjamin Bara (1): glibc: stable 2.38 branch updates Bruce Ashfield (8): linux-yocto/6.1: update to v6.1.69 linux-yocto/6.1: update to v6.1.70 linux-yocto/6.1: update CVE exclusions linux-yocto/6.1: update to v6.1.72 linux-yocto/6.1: update CVE exclusions linux-yocto/6.1: security/cfg: add configs to harden protection linux-yocto/6.1: update to v6.1.73 linux-yocto/6.1: update CVE exclusions Chen Qi (2): sudo: upgrade from 1.9.15p2 to 1.9.15p5 multilib_global.bbclass: fix parsing error with no kernel module split Clay Chang (1): devtool: deploy: provide max_process to strip_execs Enguerrand de Ribaucourt (1): manuals: document VSCode extension Ilya A. Kriveshko (1): dev-manual: update license manifest path Jason Andryuk (3): linux-firmware: Package iwlwifi .pnvm files linux-firmware: Change bnx2 packaging linux-firmware: Create bnx2x subpackage Jeremy A. Puhlman (1): create-spdx-2.2: combine spdx can try to write before dir creation Joao Marcos Costa (1): documentation.conf: fix do_menuconfig description Jonathan GUILLOT (1): udev-extraconf: fix unmount directories containing octal-escaped chars Jose Quaresma (2): go: update 1.20.10 -> 1.20.11 go: update 1.20.11 -> 1.20.12 Joshua Watt (2): rpcbind: Specify state directory under /run classes-global/sstate: Fix variable typo Julien Stephan (1): externalsrc: fix task dependency for do_populate_lic Jörg Sommer (1): documentation: Add UBOOT_BINARY, extend UBOOT_CONFIG Kai Kang (1): xserver-xorg: 21.1.9 -> 21.1.11 Khem Raj (2): tiff: Backport fixes for CVE-2023-6277 tcl: Fix prepending to run-ptest script Lee Chee Yang (5): curl: Fix CVE-2023-46219 qemu: 8.1.2 -> 8.1.4 migration-guide: add release notes for 4.3.2 migration-guide: add release notes for 4.0.16 migration-guide: add release notes for 4.3.3 Markus Volk (1): libadwaita: update 1.4.0 -> 1.4.2 Massimiliano Minella (1): zstd: fix LICENSE statement Maxin B. John (1): ref-manual: classes: remove insserv bbclass Michael Opdenacker (3): contributor-guide: use "apt" instead of "aptitude" release-notes-4.3: fix spacing migration-guides: fix release notes for 4.3.3 Ming Liu (2): grub: fs/fat: Don't error when mtime is 0 qemu.bbclass: fix a python TypeError Mingli Yu (1): python3-license-expression: Fix the ptest failure Peter Kjellerstedt (1): devtool: modify: Handle recipes with a menuconfig task correctly Peter Marko (4): dtc: preserve version also from shallow git clones sqlite3: upgrade 3.43.1 -> 3.43.2 sqlite: drop obsolete CVE ignore zlib: ignore CVE-2023-6992 Richard Purdie (9): pseudo: Update to pull in syncfs probe fix sstate: Fix dir ownership issues in SSTATE_DIR curl: Disable two intermittently failing tests lib/prservice: Improve lock handling robustness oeqa/selftest/prservice: Improve test robustness curl: Disable test 1091 due to intermittent failures allarch: Fix allarch corner case reproducible: Fix race with externalsrc/devtool over lockfile pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept Robert Berger (1): uninative-tarball.xz - reproducibility fix Robert Joslyn (1): gtk: Set CVE_PRODUCT Robert Yang (2): nfs-utils: Upgrade 2.6.3 -> 2.6.4 nfs-utils: Update Upstream-Status Rodrigo M. Duarte (1): linux-firmware: Fix the linux-firmware-bcm4373 FILES variable Ross Burton (4): avahi: update URL for new project location libssh2: backport fix for CVE-2023-48795 cve_check: handle CVE_STATUS being set to the empty string cve_check: cleanup logging Saul Wold (1): package.py: OEHasPackage: Add MLPREFIX to packagename Simone Weiß (5): dev-manual: start.rst: Update use of Download page dev-manual: start.rst: Update use of Download page glibc: Set status for CVE-2023-5156 & CVE-2023-0687 dev-manual: gen-tapdevs need iptables installed gcc: Update status of CVE-2023-4039 Soumya Sambu (1): ncurses: Fix - tty is hung after reset Steve Sakoman (2): poky.conf: bump version for 4.3.3 release build-appliance-image: Update to nanbield head revision Trevor Gamblin (1): scripts/runqemu: fix regex escape sequences Wang Mingyu (9): xwayland: upgrade 23.2.2 -> 23.2.3 libatomic-ops: upgrade 7.8.0 -> 7.8.2 libva-utils: upgrade 2.20.0 -> 2.20.1 kea: upgrade 2.4.0 -> 2.4.1 gstreamer1.0: upgrade 1.22.7 -> 1.22.8 aspell: upgrade 0.60.8 -> 0.60.8.1 at-spi2-core: upgrade 2.50.0 -> 2.50.1 cpio: upgrade 2.14 -> 2.15 gstreamer: upgrade 1.22.8 -> 1.22.9 William Lyu (1): elfutils: Update license information Xiangyu Chen (2): shadow: Fix for CVE-2023-4641 sudo: upgrade 1.9.14p3 -> 1.9.15p2 Yang Xu (1): rootfs.py: check depmodwrapper execution result Yogita Urade (2): tiff: fix CVE-2023-6228 tiff: fix CVE-2023-52355 and CVE-2023-52356 Zahir Hussain (1): cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES baruch@tkos.co.il (1): overlayfs: add missing closing parenthesis in selftest Change-Id: I613697694d0eb51ae9451f7e869b69d6c1ba1fd3 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc')
-rw-r--r--poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc68
1 files changed, 62 insertions, 6 deletions
diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 1b51737c7d..45fcc7b260 100644
--- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,9 +1,9 @@
# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-12-23 08:44:42.304531+00:00 for version 6.1.68
+# Generated at 2024-01-18 21:10:06.148505+00:00 for version 6.1.73
python check_kernel_cve_status_version() {
- this_version = "6.1.68"
+ this_version = "6.1.73"
kernel_version = d.getVar("LINUX_VERSION")
if kernel_version != this_version:
bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4584,6 +4584,8 @@ CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in 6.1.33"
CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40"
+CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1"
+
CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1"
CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5"
@@ -4644,7 +4646,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16"
CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33"
-# CVE-2023-1193 needs backporting (fixed from 6.3rc6)
+CVE_STATUS[CVE-2023-1193] = "cpe-stable-backport: Backported in 6.1.71"
CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34"
@@ -4666,6 +4668,8 @@ CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7"
CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4"
+# CVE-2023-1476 has no known resolution
+
CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13"
CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4"
@@ -5088,7 +5092,7 @@ CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53"
CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards"
-# CVE-2023-4610 needs backporting (fixed from 6.4)
+CVE_STATUS[CVE-2023-4610] = "fixed-version: only affects 6.4rc1 onwards"
CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
@@ -5106,11 +5110,21 @@ CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54"
CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54"
+# CVE-2023-50431 has no known resolution
+
CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62"
CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57"
-# CVE-2023-5178 needs backporting (fixed from 6.1.60)
+CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.1.70"
+
+CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60"
+
+CVE_STATUS[CVE-2023-51780] = "cpe-stable-backport: Backported in 6.1.69"
+
+CVE_STATUS[CVE-2023-51781] = "cpe-stable-backport: Backported in 6.1.69"
+
+CVE_STATUS[CVE-2023-51782] = "cpe-stable-backport: Backported in 6.1.69"
CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56"
@@ -5120,10 +5134,12 @@ CVE_STATUS[CVE-2023-5633] = "fixed-version: only affects 6.2 onwards"
# CVE-2023-5717 needs backporting (fixed from 6.1.60)
-# CVE-2023-5972 needs backporting (fixed from 6.6rc7)
+CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards"
# CVE-2023-6039 needs backporting (fixed from 6.5rc5)
+CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1"
+
CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards"
CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65"
@@ -5132,3 +5148,43 @@ CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54"
# CVE-2023-6238 has no known resolution
+# CVE-2023-6270 has no known resolution
+
+# CVE-2023-6356 has no known resolution
+
+CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.1.68"
+
+# CVE-2023-6535 has no known resolution
+
+# CVE-2023-6536 has no known resolution
+
+CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47"
+
+# CVE-2023-6560 needs backporting (fixed from 6.7rc4)
+
+CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.1.70"
+
+# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
+
+CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68"
+
+CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
+
+CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68"
+
+CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.1.68"
+
+CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66"
+
+# CVE-2023-7042 has no known resolution
+
+CVE_STATUS[CVE-2023-7192] = "cpe-stable-backport: Backported in 6.1.18"
+
+CVE_STATUS[CVE-2024-0193] = "fixed-version: only affects 6.5rc6 onwards"
+
+# CVE-2024-0340 needs backporting (fixed from 6.4rc6)
+
+CVE_STATUS[CVE-2024-0443] = "fixed-version: only affects 6.2rc1 onwards"
+
+# Skipping dd=CVE-2023-1476, no affected_versions
+
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-11 14:44:44 +0300