git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Daniel Turull <daniel.turull@ericsson.com>
	Fri, 11 Apr 2025 06:40:15 +0000 (08:40 +0200)
committer	Steve Sakoman <steve@sakoman.com>
	Tue, 1 Jul 2025 13:51:49 +0000 (06:51 -0700)
commit	ec9a04c6e86efe9d5351eb7956cfc3e94bcdc09a
tree	a90685978a6820fd7c9a3a9fa38ac3051c7d4c65	tree \| snapshot
parent	ab4d2a79188da5b58bf9a4eacc2460a00a5c1d70	commit \| diff

linux/cve-exclusion: Execute the script after changing to the new data source

Execute new script generate-cve-exclusions.py
./generate-cve-exclusions.py ~/cvelistV5/ 6.12.19 > cve-exclusion_6.12.inc

After using the database from CVEproject, some old
CVEs did not have correct metadata, therefore moving missing ones
from old cve-exclusions_6.12.inc into cve-exclusion.inc

Comparing output from cve_check before and after, two CVEs are removed:
CVE-2023-52904 and CVE-2024-38381

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8a7af09febc28477094de0999ab6321d910811b2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-kernel/linux/cve-exclusion.inc		diff \| blob \| blame \| history
meta/recipes-kernel/linux/cve-exclusion_6.12.inc		diff \| blob \| blame \| history