git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
linux: cve-exclusions: Fix false negatives
author Niko Mauno <niko.mauno@vaisala.com>
Mon, 26 May 2025 09:29:26 +0000 (09:29 +0000)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Thu, 29 May 2025 09:51:50 +0000 (10:51 +0100)
commit b1a5939535d67b9c0e6d8c2729cff9749a0ebaae
tree 5086d522541fb7c715562c725bcaae62fadd4b8c
parent 0df05f0bf82fdffb14c4243d07ace22b2d7e4c79

Amend the generate-cve-exclusions.py checking logic in part of the code
responsible for iterating the "affected" defaultStatus part of the JSON
structure in order to mitigate occurrences of false negatives in the
generated output, as well as occurrences of wrong reason for negative
result in case where the reason is actually that the checked kernel
version is in backport fix scope.

In tandem we regenerate the content of cve-exclusion_6.12.inc using
https://github.com/CVEProject/cvelistV5.git repository main branch at
git hash b20d0043711588b6409ae3118bc0510ab888c316 to keep the content
in sync with the script.

Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-kernel/linux/cve-exclusion_6.12.inc
meta/recipes-kernel/linux/generate-cve-exclusions.py