]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commitdiff
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6df6826)
cve-exclusions: correct cve status for 5 entries
authorDaniel Turull <daniel.turull@ericsson.com>
Sat, 26 Apr 2025 16:19:29 +0000 (18:19 +0200)
committerSteve Sakoman <steve@sakoman.com>
Tue, 1 Jul 2025 13:52:39 +0000 (06:52 -0700)
In commit 8a7af09feb the CVE_STATUS was copy from the old data
for 6.6 kernel, which had backport information.
Correcting status to when the fix was introduced and adding
references to the fixes.

Fixes: 8a7af09febc28477094de0999ab6321d910811b2
Reported-by: Peter Marko <Peter.Marko@siemens.com>
Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fc3e32bc4cf79ddce0eb9fa409656de4dc0e00ea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-kernel/linux/cve-exclusion.inc patch | blob | blame | history

diff --git a/meta/recipes-kernel/linux/cve-exclusion.inc b/meta/recipes-kernel/linux/cve-exclusion.inc
index 5f96a81bddc0b00cee10e018a3b1e636bc830c36..f1b7db44b68b0c14fc40da6d0ae48f4edd905a64 100644 (file)
--- a/meta/recipes-kernel/linux/cve-exclusion.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion.inc
@@ -141,12 +141,17 @@ CVE_STATUS[CVE-2023-4155] = "fixed-version: Fixed from version 6.5rc6"
 
 CVE_STATUS[CVE-2023-6176] = "fixed-version: Fixed from version 6.6rc2"
 
-CVE_STATUS[CVE-2023-6270] = "cpe-stable-backport: Backported in 6.6.23"
+# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f98364e926626c678fb4b9004b75cacf92ff0662
+CVE_STATUS[CVE-2023-6270] = "fixed-version: Fixed from 6.9"
 
-CVE_STATUS[CVE-2023-6610] = "cpe-stable-backport: Backported in 6.6.13"
+# Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=567320c46a60a3c39b69aa1df802d753817a3f86
+CVE_STATUS[CVE-2023-6610] = "fixed-version: Fixed from 6.7rc7"
 
-CVE_STATUS[CVE-2023-6679] = "fixed-version: only affects 6.7rc1 onwards"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=65c95f78917ea6fa7ff189a2c19879c4fe161873
+CVE_STATUS[CVE-2023-6679] = "fixed-version: Fixed from 6.7rc6"
 
-CVE_STATUS[CVE-2023-7042] = "cpe-stable-backport: Backported in 6.6.23"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ad25ee36f00172f7d53242dc77c69fff7ced0755
+CVE_STATUS[CVE-2023-7042] = "fixed-version: Fixed from 6.9rc1"
 
-CVE_STATUS[CVE-2024-0193] = "cpe-stable-backport: Backported in 6.6.10"
+#Fix https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a
+CVE_STATUS[CVE-2024-0193] = "fixed-version: Fixed from 6.7"
Mirror of git://git.openembedded.org/openembedded-core-contrib