summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-kernel/linux
diff options
context:
space:
mode:
Diffstat (limited to 'poky/meta/recipes-kernel/linux')
-rw-r--r--poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc68
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb6
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb6
-rw-r--r--poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb28
4 files changed, 82 insertions, 26 deletions
diff --git a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 1b51737c7d..45fcc7b260 100644
--- a/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/poky/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,9 +1,9 @@
# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-12-23 08:44:42.304531+00:00 for version 6.1.68
+# Generated at 2024-01-18 21:10:06.148505+00:00 for version 6.1.73
python check_kernel_cve_status_version() {
- this_version = "6.1.68"
+ this_version = "6.1.73"
kernel_version = d.getVar("LINUX_VERSION")
if kernel_version != this_version:
bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4584,6 +4584,8 @@ CVE_STATUS[CVE-2022-48425] = "cpe-stable-backport: Backported in 6.1.33"
CVE_STATUS[CVE-2022-48502] = "cpe-stable-backport: Backported in 6.1.40"
+CVE_STATUS[CVE-2022-48619] = "fixed-version: Fixed from version 5.18rc1"
+
CVE_STATUS[CVE-2023-0030] = "fixed-version: Fixed from version 5.0rc1"
CVE_STATUS[CVE-2023-0045] = "cpe-stable-backport: Backported in 6.1.5"
@@ -4644,7 +4646,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16"
CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33"
-# CVE-2023-1193 needs backporting (fixed from 6.3rc6)
+CVE_STATUS[CVE-2023-1193] = "cpe-stable-backport: Backported in 6.1.71"
CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34"
@@ -4666,6 +4668,8 @@ CVE_STATUS[CVE-2023-1382] = "fixed-version: Fixed from version 6.1rc7"
CVE_STATUS[CVE-2023-1390] = "fixed-version: Fixed from version 5.11rc4"
+# CVE-2023-1476 has no known resolution
+
CVE_STATUS[CVE-2023-1513] = "cpe-stable-backport: Backported in 6.1.13"
CVE_STATUS[CVE-2023-1582] = "fixed-version: Fixed from version 5.17rc4"
@@ -5088,7 +5092,7 @@ CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53"
CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards"
-# CVE-2023-4610 needs backporting (fixed from 6.4)
+CVE_STATUS[CVE-2023-4610] = "fixed-version: only affects 6.4rc1 onwards"
CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
@@ -5106,11 +5110,21 @@ CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54"
CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54"
+# CVE-2023-50431 has no known resolution
+
CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.1.62"
CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57"
-# CVE-2023-5178 needs backporting (fixed from 6.1.60)
+CVE_STATUS[CVE-2023-51779] = "cpe-stable-backport: Backported in 6.1.70"
+
+CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60"
+
+CVE_STATUS[CVE-2023-51780] = "cpe-stable-backport: Backported in 6.1.69"
+
+CVE_STATUS[CVE-2023-51781] = "cpe-stable-backport: Backported in 6.1.69"
+
+CVE_STATUS[CVE-2023-51782] = "cpe-stable-backport: Backported in 6.1.69"
CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56"
@@ -5120,10 +5134,12 @@ CVE_STATUS[CVE-2023-5633] = "fixed-version: only affects 6.2 onwards"
# CVE-2023-5717 needs backporting (fixed from 6.1.60)
-# CVE-2023-5972 needs backporting (fixed from 6.6rc7)
+CVE_STATUS[CVE-2023-5972] = "fixed-version: only affects 6.2rc1 onwards"
# CVE-2023-6039 needs backporting (fixed from 6.5rc5)
+CVE_STATUS[CVE-2023-6040] = "fixed-version: Fixed from version 5.18rc1"
+
CVE_STATUS[CVE-2023-6111] = "fixed-version: only affects 6.6rc3 onwards"
CVE_STATUS[CVE-2023-6121] = "cpe-stable-backport: Backported in 6.1.65"
@@ -5132,3 +5148,43 @@ CVE_STATUS[CVE-2023-6176] = "cpe-stable-backport: Backported in 6.1.54"
# CVE-2023-6238 has no known resolution
+# CVE-2023-6270 has no known resolution
+
+# CVE-2023-6356 has no known resolution
+
+CVE_STATUS[CVE-2023-6531] = "cpe-stable-backport: Backported in 6.1.68"
+
+# CVE-2023-6535 has no known resolution
+
+# CVE-2023-6536 has no known resolution
+
+CVE_STATUS[CVE-2023-6546] = "cpe-stable-backport: Backported in 6.1.47"
+
+# CVE-2023-6560 needs backporting (fixed from 6.7rc4)
+
+CVE_STATUS[CVE-2023-6606] = "cpe-stable-backport: Backported in 6.1.70"
+
+# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
+
+CVE_STATUS[CVE-2023-6622] = "cpe-stable-backport: Backported in 6.1.68"
+
+CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
+
+CVE_STATUS[CVE-2023-6817] = "cpe-stable-backport: Backported in 6.1.68"
+
+CVE_STATUS[CVE-2023-6931] = "cpe-stable-backport: Backported in 6.1.68"
+
+CVE_STATUS[CVE-2023-6932] = "cpe-stable-backport: Backported in 6.1.66"
+
+# CVE-2023-7042 has no known resolution
+
+CVE_STATUS[CVE-2023-7192] = "cpe-stable-backport: Backported in 6.1.18"
+
+CVE_STATUS[CVE-2024-0193] = "fixed-version: only affects 6.5rc6 onwards"
+
+# CVE-2024-0340 needs backporting (fixed from 6.4rc6)
+
+CVE_STATUS[CVE-2024-0443] = "fixed-version: only affects 6.2rc1 onwards"
+
+# Skipping dd=CVE-2023-1476, no affected_versions
+
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
index 5cfc5a7dd8..06c07b70c8 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
@@ -14,13 +14,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "739b3001f20153a66d2723de81faae18cd61892b"
-SRCREV_meta ?= "991713c8765172cb5d18703d15589f3ec6e1b772"
+SRCREV_machine ?= "6fd0860ac9846438f226257ab515bcd612fdc379"
+SRCREV_meta ?= "40dede8a165ea5894f172fede6baa0dd94d23fec"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.1;destsuffix=${KMETA};protocol=https"
-LINUX_VERSION ?= "6.1.68"
+LINUX_VERSION ?= "6.1.73"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
index e19b0ec132..e391074f8b 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
@@ -8,7 +8,7 @@ require recipes-kernel/linux/linux-yocto.inc
# CVE exclusions
include recipes-kernel/linux/cve-exclusion_6.1.inc
-LINUX_VERSION ?= "6.1.68"
+LINUX_VERSION ?= "6.1.73"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -17,8 +17,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_meta ?= "991713c8765172cb5d18703d15589f3ec6e1b772"
+SRCREV_machine ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_meta ?= "40dede8a165ea5894f172fede6baa0dd94d23fec"
PV = "${LINUX_VERSION}+git"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
index 1329ccc958..f520954646 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.1.bb
@@ -18,25 +18,25 @@ KBRANCH:qemux86-64 ?= "v6.1/standard/base"
KBRANCH:qemuloongarch64 ?= "v6.1/standard/base"
KBRANCH:qemumips64 ?= "v6.1/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "85915187700314cb7ac70fd33da3e9dfd7c20063"
-SRCREV_machine:qemuarm64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemuloongarch64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemumips ?= "24b06ee00fc3b65a24d7e867148b08a85296e67c"
-SRCREV_machine:qemuppc ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemuriscv64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemuriscv32 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemux86 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemux86-64 ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_machine:qemumips64 ?= "d4659a339611a02e4ffc2861e697c1a278707d70"
-SRCREV_machine ?= "db1e71dc5c31557828fae0084b0f9cc83882eacd"
-SRCREV_meta ?= "991713c8765172cb5d18703d15589f3ec6e1b772"
+SRCREV_machine:qemuarm ?= "45e6b64447b888e94af6fa8529cf976bf8116624"
+SRCREV_machine:qemuarm64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemuloongarch64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemumips ?= "90ea25826ce7ef511d0d93ae33c3888f3b583bf3"
+SRCREV_machine:qemuppc ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemuriscv64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemuriscv32 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemux86 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemux86-64 ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_machine:qemumips64 ?= "59248cf67c17a987f898d9d0c81292cb5fcda858"
+SRCREV_machine ?= "6c78fd37122b29c40bd8bb6f43aaa1ba7d6fb53a"
+SRCREV_meta ?= "40dede8a165ea5894f172fede6baa0dd94d23fec"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "ba6f5fb465114fcd48ddb2c7a7740915b2289d6b"
+SRCREV_machine:class-devupstream ?= "fec3b1451d5febbc9e04250f879c10f8952e6bed"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v6.1/base"
@@ -45,7 +45,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
SRC_URI += "file://0001-perf-cpumap-Make-counter-as-unsigned-ints.patch"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "6.1.68"
+LINUX_VERSION ?= "6.1.73"
PV = "${LINUX_VERSION}+git"
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-11 04:23:01 +0300