From: Ross Burton <ross.bur...@arm.com> Signed-off-by: Ross Burton <ross.bur...@arm.com> --- .../linux/cve-exclusion_6.1.inc | 64 ++++++++++++++++--- .../linux/cve-exclusion_6.5.inc | 58 +++++++++++++++-- 2 files changed, 107 insertions(+), 15 deletions(-)
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 6af53b0d750..a8df51f321a 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,6 +1,6 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-10-14 12:24:32.747058+00:00 for version 6.1.57 +# Generated at 2023-11-03 13:24:16.070181+00:00 for version 6.1.57 python check_kernel_cve_status_version() { this_version = "6.1.57" @@ -3354,7 +3354,7 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9" CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4" -# CVE-2020-27418 has no known resolution +CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5" CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1" @@ -4644,7 +4644,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16" CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" -# CVE-2023-1193 has no known resolution +# CVE-2023-1193 needs backporting (fixed from 6.3rc6) CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34" @@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7" # CVE-2023-31084 needs backporting (fixed from 6.4rc3) -# CVE-2023-31085 has no known resolution +CVE_STATUS[CVE-2023-31085] = "cpe-stable-backport: Backported in 6.1.57" CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" @@ -4936,6 +4936,8 @@ CVE_STATUS[CVE-2023-34256] = "cpe-stable-backport: Backported in 6.1.29" CVE_STATUS[CVE-2023-34319] = "cpe-stable-backport: Backported in 6.1.44" +CVE_STATUS[CVE-2023-34324] = "cpe-stable-backport: Backported in 6.1.57" + CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" CVE_STATUS[CVE-2023-35001] = "cpe-stable-backport: Backported in 6.1.39" @@ -4952,7 +4954,7 @@ CVE_STATUS[CVE-2023-35824] = "cpe-stable-backport: Backported in 6.1.28" CVE_STATUS[CVE-2023-35826] = "cpe-stable-backport: Backported in 6.1.28" -# CVE-2023-35827 has no known resolution +# CVE-2023-35827 needs backporting (fixed from 6.1.59) CVE_STATUS[CVE-2023-35828] = "cpe-stable-backport: Backported in 6.1.28" @@ -5004,6 +5006,16 @@ CVE_STATUS[CVE-2023-3866] = "cpe-stable-backport: Backported in 6.1.36" CVE_STATUS[CVE-2023-3867] = "cpe-stable-backport: Backported in 6.1.40" +CVE_STATUS[CVE-2023-39189] = "cpe-stable-backport: Backported in 6.1.54" + +# CVE-2023-39191 needs backporting (fixed from 6.3rc1) + +CVE_STATUS[CVE-2023-39192] = "cpe-stable-backport: Backported in 6.1.53" + +CVE_STATUS[CVE-2023-39193] = "cpe-stable-backport: Backported in 6.1.53" + +CVE_STATUS[CVE-2023-39194] = "cpe-stable-backport: Backported in 6.1.47" + CVE_STATUS[CVE-2023-4004] = "cpe-stable-backport: Backported in 6.1.42" # CVE-2023-4010 has no known resolution @@ -5012,6 +5024,8 @@ CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43" CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45" +# CVE-2023-40791 needs backporting (fixed from 6.5rc6) + CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45" CVE_STATUS[CVE-2023-4132] = "cpe-stable-backport: Backported in 6.1.39" @@ -5032,7 +5046,7 @@ CVE_STATUS[CVE-2023-4207] = "cpe-stable-backport: Backported in 6.1.45" CVE_STATUS[CVE-2023-4208] = "cpe-stable-backport: Backported in 6.1.45" -# CVE-2023-4244 needs backporting (fixed from 6.5rc7) +CVE_STATUS[CVE-2023-4244] = "cpe-stable-backport: Backported in 6.1.56" CVE_STATUS[CVE-2023-4273] = "cpe-stable-backport: Backported in 6.1.45" @@ -5040,8 +5054,12 @@ CVE_STATUS[CVE-2023-42752] = "cpe-stable-backport: Backported in 6.1.53" CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.1.53" +CVE_STATUS[CVE-2023-42754] = "cpe-stable-backport: Backported in 6.1.56" + CVE_STATUS[CVE-2023-42755] = "cpe-stable-backport: Backported in 6.1.55" +CVE_STATUS[CVE-2023-42756] = "fixed-version: only affects 6.4rc6 onwards" + CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18" @@ -5050,23 +5068,51 @@ CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3" CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3" +CVE_STATUS[CVE-2023-44466] = "cpe-stable-backport: Backported in 6.1.40" + CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18" -# CVE-2023-4563 needs backporting (fixed from 6.5rc6) +CVE_STATUS[CVE-2023-4563] = "cpe-stable-backport: Backported in 6.1.56" CVE_STATUS[CVE-2023-4569] = "cpe-stable-backport: Backported in 6.1.47" +CVE_STATUS[CVE-2023-45862] = "cpe-stable-backport: Backported in 6.1.18" + +CVE_STATUS[CVE-2023-45863] = "cpe-stable-backport: Backported in 6.1.16" + +CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53" + +CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards" + +# CVE-2023-4610 needs backporting (fixed from 6.4) + CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" # CVE-2023-4622 needs backporting (fixed from 6.5rc1) CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53" +# CVE-2023-46813 needs backporting (fixed from 6.1.60) + +# CVE-2023-46862 needs backporting (fixed from 6.6) + +CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" + CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54" CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" -# CVE-2023-5158 has no known resolution +# CVE-2023-5090 needs backporting (fixed from 6.6rc7) + +CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" + +# CVE-2023-5178 needs backporting (fixed from 6.1.60) + +CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56" + +CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56" + +# CVE-2023-5633 needs backporting (fixed from 6.6rc6) -# CVE-2023-5197 needs backporting (fixed from 6.6rc3) +# CVE-2023-5717 needs backporting (fixed from 6.1.60) diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc index dbcfdcd31c7..d48b0e14935 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc @@ -1,6 +1,6 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-10-14 12:24:32.683888+00:00 for version 6.5.7 +# Generated at 2023-11-03 13:24:25.010946+00:00 for version 6.5.7 python check_kernel_cve_status_version() { this_version = "6.5.7" @@ -3354,7 +3354,7 @@ CVE_STATUS[CVE-2020-27194] = "fixed-version: Fixed from version 5.9" CVE_STATUS[CVE-2020-2732] = "fixed-version: Fixed from version 5.6rc4" -# CVE-2020-27418 has no known resolution +CVE_STATUS[CVE-2020-27418] = "fixed-version: Fixed from version 5.6rc5" CVE_STATUS[CVE-2020-27673] = "fixed-version: Fixed from version 5.10rc1" @@ -4644,7 +4644,7 @@ CVE_STATUS[CVE-2023-1118] = "fixed-version: Fixed from version 6.3rc1" CVE_STATUS[CVE-2023-1192] = "fixed-version: Fixed from version 6.4rc1" -# CVE-2023-1193 has no known resolution +CVE_STATUS[CVE-2023-1193] = "fixed-version: Fixed from version 6.3rc6" CVE_STATUS[CVE-2023-1194] = "fixed-version: Fixed from version 6.4rc6" @@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7" CVE_STATUS[CVE-2023-31084] = "fixed-version: Fixed from version 6.4rc3" -# CVE-2023-31085 has no known resolution +# CVE-2023-31085 needs backporting (fixed from 6.6rc5) CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" @@ -4936,6 +4936,8 @@ CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed from version 6.4rc2" CVE_STATUS[CVE-2023-34319] = "fixed-version: Fixed from version 6.5rc6" +# CVE-2023-34324 needs backporting (fixed from 6.6rc6) + CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" CVE_STATUS[CVE-2023-35001] = "fixed-version: Fixed from version 6.5rc2" @@ -4952,7 +4954,7 @@ CVE_STATUS[CVE-2023-35824] = "fixed-version: Fixed from version 6.4rc1" CVE_STATUS[CVE-2023-35826] = "fixed-version: Fixed from version 6.4rc1" -# CVE-2023-35827 has no known resolution +# CVE-2023-35827 needs backporting (fixed from 6.6rc6) CVE_STATUS[CVE-2023-35828] = "fixed-version: Fixed from version 6.4rc1" @@ -5004,6 +5006,16 @@ CVE_STATUS[CVE-2023-3866] = "fixed-version: Fixed from version 6.4" CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5rc1" +# CVE-2023-39189 needs backporting (fixed from 6.6rc1) + +CVE_STATUS[CVE-2023-39191] = "fixed-version: Fixed from version 6.3rc1" + +# CVE-2023-39192 needs backporting (fixed from 6.6rc1) + +# CVE-2023-39193 needs backporting (fixed from 6.6rc1) + +CVE_STATUS[CVE-2023-39194] = "fixed-version: Fixed from version 6.5rc7" + CVE_STATUS[CVE-2023-4004] = "fixed-version: Fixed from version 6.5rc3" # CVE-2023-4010 has no known resolution @@ -5012,6 +5024,8 @@ CVE_STATUS[CVE-2023-4015] = "fixed-version: Fixed from version 6.5rc4" CVE_STATUS[CVE-2023-40283] = "fixed-version: Fixed from version 6.5rc1" +CVE_STATUS[CVE-2023-40791] = "fixed-version: Fixed from version 6.5rc6" + CVE_STATUS[CVE-2023-4128] = "fixed-version: Fixed from version 6.5rc5" CVE_STATUS[CVE-2023-4132] = "fixed-version: Fixed from version 6.5rc1" @@ -5040,8 +5054,12 @@ CVE_STATUS[CVE-2023-4273] = "fixed-version: Fixed from version 6.5rc5" # CVE-2023-42753 needs backporting (fixed from 6.6rc1) +# CVE-2023-42754 needs backporting (fixed from 6.6rc3) + CVE_STATUS[CVE-2023-42755] = "fixed-version: Fixed from version 6.3rc1" +# CVE-2023-42756 needs backporting (fixed from 6.6rc3) + CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" CVE_STATUS[CVE-2023-4387] = "fixed-version: Fixed from version 5.18" @@ -5050,23 +5068,51 @@ CVE_STATUS[CVE-2023-4389] = "fixed-version: Fixed from version 5.18rc3" CVE_STATUS[CVE-2023-4394] = "fixed-version: Fixed from version 6.0rc3" +CVE_STATUS[CVE-2023-44466] = "fixed-version: Fixed from version 6.5rc2" + CVE_STATUS[CVE-2023-4459] = "fixed-version: Fixed from version 5.18" CVE_STATUS[CVE-2023-4563] = "fixed-version: Fixed from version 6.5rc6" CVE_STATUS[CVE-2023-4569] = "fixed-version: Fixed from version 6.5rc7" +CVE_STATUS[CVE-2023-45862] = "fixed-version: Fixed from version 6.3rc1" + +CVE_STATUS[CVE-2023-45863] = "fixed-version: Fixed from version 6.3rc1" + +# CVE-2023-45871 needs backporting (fixed from 6.6rc1) + +# CVE-2023-45898 needs backporting (fixed from 6.6rc1) + +CVE_STATUS[CVE-2023-4610] = "fixed-version: Fixed from version 6.4" + CVE_STATUS[CVE-2023-4611] = "fixed-version: Fixed from version 6.5rc4" CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1" # CVE-2023-4623 needs backporting (fixed from 6.6rc1) +# CVE-2023-46813 needs backporting (fixed from 6.6rc7) + +# CVE-2023-46862 needs backporting (fixed from 6.6) + +CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" + # CVE-2023-4881 needs backporting (fixed from 6.6rc1) # CVE-2023-4921 needs backporting (fixed from 6.6rc1) -# CVE-2023-5158 has no known resolution +# CVE-2023-5090 needs backporting (fixed from 6.6rc7) + +# CVE-2023-5158 needs backporting (fixed from 6.6rc5) + +# CVE-2023-5178 needs backporting (fixed from 6.6rc7) # CVE-2023-5197 needs backporting (fixed from 6.6rc3) +# CVE-2023-5345 needs backporting (fixed from 6.6rc4) + +# CVE-2023-5633 needs backporting (fixed from 6.6rc6) + +# CVE-2023-5717 needs backporting (fixed from 6.6rc7) + -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#190154): https://lists.openembedded.org/g/openembedded-core/message/190154 Mute This Topic: https://lists.openembedded.org/mt/102363590/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-