diff options
Diffstat (limited to 'poky/meta/recipes-kernel/linux')
4 files changed, 82 insertions, 26 deletions
diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 1b51737c7d..45fcc7b260 100644 --- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-12-23 08:44:42.304531+00:00 for version 6.1.68 +# Generated at 2024-01-18 21:10:06.148505+00:00 for version 6.1.73 python check_kernel_cve_status_version() { - this_version = "6.1.68" + this_version = "6.1.73" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -4584,6 +4584,8 @@ CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in 6.1.33" CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40" +CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1" + CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1" CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5" @@ -4644,7 +4646,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16" CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" -# CVE-2023-1193 needs backporting (fixed from 6.3rc6) +CVE_STATUS[CVE-2023-1193] = "cpe-stable-backport: Backported in 6.1.71" CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34" @@ -4666,6 +4668,8 @@ CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7" CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4" +# CVE-2023-1476 has no known resolution + CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13" CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4" @@ -5088,7 +5092,7 @@ CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53" CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards" -# CVE-2023-4610 needs backporting (fixed from 6.4) +CVE_STATUS[CVE-2023-4610] = "fixed-version: only affects 6.4rc1 onwards" CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" @@ -5106,11 +5110,21 @@ CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54" CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" +# CVE-2023-50431 has no known resolution + CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62" CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" -# CVE-2023-5178 needs backporting (fixed from 6.1.60) +CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.1.70" + +CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" + +CVE_STATUS[CVE-2023-51780] = "cpe-stable-backport: Backported in 6.1.69" + +CVE_STATUS[CVE-2023-51781] = "cpe-stable-backport: Backported in 6.1.69" + +CVE_STATUS[CVE-2023-51782] = "cpe-stable-backport: Backported in 6.1.69" CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56" @@ -5120,10 +5134,12 @@ CVE_STATUS[CVE-2023-5633] = "fixed-version: only affects 6.2 onwards" # CVE-2023-5717 needs backporting (fixed from 6.1.60) -# CVE-2023-5972 needs backporting (fixed from 6.6rc7) +CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards" # CVE-2023-6039 needs backporting (fixed from 6.5rc5) +CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1" + CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards" CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65" @@ -5132,3 +5148,43 @@ CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54" # CVE-2023-6238 has no known resolution +# CVE-2023-6270 has no known resolution + +# CVE-2023-6356 has no known resolution + +CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.1.68" + +# CVE-2023-6535 has no known resolution + +# CVE-2023-6536 has no known resolution + +CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47" + +# CVE-2023-6560 needs backporting (fixed from 6.7rc4) + +CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.1.70" + +# CVE-2023-6610 needs backporting (fixed from 6.7rc7) + +CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68" + +CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards" + +CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68" + +CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.1.68" + +CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66" + +# CVE-2023-7042 has no known resolution + +CVE_STATUS[CVE-2023-7192] = "cpe-stable-backport: Backported in 6.1.18" + +CVE_STATUS[CVE-2024-0193] = "fixed-version: only affects 6.5rc6 onwards" + +# CVE-2024-0340 needs backporting (fixed from 6.4rc6) + +CVE_STATUS[CVE-2024-0443] = "fixed-version: only affects 6.2rc1 onwards" + +# Skipping dd=CVE-2023-1476, no affected_versions + diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb index 5cfc5a7dd8..06c07b70c8 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb @@ -14,13 +14,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "739b3001f20153a66d2723de81faae18cd61892b" -SRCREV_meta ?= "991713c8765172cb5d18703d15589f3ec6e1b772" +SRCREV_machine ?= "6fd0860ac9846438f226257ab515bcd612fdc379" +SRCREV_meta ?= "40dede8a165ea5894f172fede6baa0dd94d23fec" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https" -LINUX_VERSION ?= "6.1.68" +LINUX_VERSION ?= "6.1.73" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb index e19b0ec132..e391074f8b 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb @@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc # CVE exclusions include recipes-kernel/linux/cve-exclusion_6.1.inc -LINUX_VERSION ?= "6.1.68" +LINUX_VERSION ?= "6.1.73" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_meta ?= "991713c8765172cb5d18703d15589f3ec6e1b772" +SRCREV_machine ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_meta ?= "40dede8a165ea5894f172fede6baa0dd94d23fec" PV = "${LINUX_VERSION}+git" diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb index 1329ccc958..f520954646 100644 --- a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb +++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb @@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.1/standard/base" KBRANCH:qemuloongarch64 ?= "v6.1/standard/base" KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64" -SRCREV_machine:qemuarm ?= "85915187700314cb7ac70fd33da3e9dfd7c20063" -SRCREV_machine:qemuarm64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemuloongarch64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemumips ?= "24b06ee00fc3b65a24d7e867148b08a85296e67c" -SRCREV_machine:qemuppc ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemuriscv64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemuriscv32 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemux86 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemux86-64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_machine:qemumips64 ?= "d4659a339611a02e4ffc2861e697c1a278707d70" -SRCREV_machine ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd" -SRCREV_meta ?= "991713c8765172cb5d18703d15589f3ec6e1b772" +SRCREV_machine:qemuarm ?= "45e6b64447b888e94af6fa8529cf976bf8116624" +SRCREV_machine:qemuarm64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemuloongarch64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemumips ?= "90ea25826ce7ef511d0d93ae33c3888f3b583bf3" +SRCREV_machine:qemuppc ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemuriscv64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemuriscv32 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemux86 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemux86-64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_machine:qemumips64 ?= "59248cf67c17a987f898d9d0c81292cb5fcda858" +SRCREV_machine ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a" +SRCREV_meta ?= "40dede8a165ea5894f172fede6baa0dd94d23fec" # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll # get the <version>/base branch, which is pure upstream -stable, and the same # meta SRCREV as the linux-yocto-standard builds. Select your version using the # normal PREFERRED_VERSION settings. BBCLASSEXTEND = "devupstream:target" -SRCREV_machine:class-devupstream ?= "ba6f5fb465114fcd48ddb2c7a7740915b2289d6b" +SRCREV_machine:class-devupstream ?= "fec3b1451d5febbc9e04250f879c10f8952e6bed" PN:class-devupstream = "linux-yocto-upstream" KBRANCH:class-devupstream = "v6.1/base" @@ -45,7 +45,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA SRC_URI += "file://0001-perf-cpumap-Make-counter-as-unsigned-ints.patch" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "6.1.68" +LINUX_VERSION ?= "6.1.73" PV = "${LINUX_VERSION}+git" |