From: Richard Purdie Date: Thu, 9 Nov 2023 17:13:10 +0000 (+0000) Subject: linux/cve-exclusion6.1/6.5: Update to latest kernel point releases X-Git-Tag: yocto-5.2~4614 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e17b76644b26ef832b632a03f537060f88344bd8;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git linux/cve-exclusion6.1/6.5: Update to latest kernel point releases Signed-off-by: Richard Purdie --- diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 3f708b0cc51..1216e0c2ddd 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-10-23 14:03:17.479563+00:00 for version 6.1.57 +# Generated at 2023-11-09 17:12:27.365962+00:00 for version 6.1.61 python check_kernel_cve_status_version() { - this_version = "6.1.57" + this_version = "6.1.61" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -4644,7 +4644,7 @@ CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16" CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33" -# CVE-2023-1193 has no known resolution +# CVE-2023-1193 needs backporting (fixed from 6.3rc6) CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34" @@ -4954,7 +4954,7 @@ CVE_STATUS[CVE-2023-35824] = "cpe-stable-backport: Backported in 6.1.28" CVE_STATUS[CVE-2023-35826] = "cpe-stable-backport: Backported in 6.1.28" -# CVE-2023-35827 has no known resolution +CVE_STATUS[CVE-2023-35827] = "cpe-stable-backport: Backported in 6.1.59" CVE_STATUS[CVE-2023-35828] = "cpe-stable-backport: Backported in 6.1.28" @@ -5024,7 +5024,7 @@ CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43" CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45" -# CVE-2023-40791 needs backporting (fixed from 6.5rc6) +CVE_STATUS[CVE-2023-40791] = "fixed-version: only affects 6.3rc1 onwards" CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45" @@ -5082,9 +5082,9 @@ CVE_STATUS[CVE-2023-45863] = "cpe-stable-backport: Backported in 6.1.16" CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53" -# CVE-2023-45898 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards" -# CVE-2023-4610 has no known resolution +# CVE-2023-4610 needs backporting (fixed from 6.4) CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" @@ -5092,15 +5092,29 @@ CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards" CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53" +CVE_STATUS[CVE-2023-46813] = "cpe-stable-backport: Backported in 6.1.60" + +CVE_STATUS[CVE-2023-46862] = "cpe-stable-backport: Backported in 6.1.61" + +# CVE-2023-47233 has no known resolution + CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54" CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54" -# CVE-2023-5158 has no known resolution +# CVE-2023-5090 needs backporting (fixed from 6.6rc7) + +CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57" + +CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60" CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56" CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56" +# CVE-2023-5633 needs backporting (fixed from 6.6rc6) + +CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.1.60" + diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc index 69cf7908441..b4086d436c4 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-10-23 14:03:24.529766+00:00 for version 6.5.7 +# Generated at 2023-11-09 17:13:01.267965+00:00 for version 6.5.10 python check_kernel_cve_status_version() { - this_version = "6.5.7" + this_version = "6.5.10" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -4644,7 +4644,7 @@ CVE_STATUS[CVE-2023-1118] = "fixed-version: Fixed from version 6.3rc1" CVE_STATUS[CVE-2023-1192] = "fixed-version: Fixed from version 6.4rc1" -# CVE-2023-1193 has no known resolution +CVE_STATUS[CVE-2023-1193] = "fixed-version: Fixed from version 6.3rc6" CVE_STATUS[CVE-2023-1194] = "fixed-version: Fixed from version 6.4rc6" @@ -4796,7 +4796,7 @@ CVE_STATUS[CVE-2023-25012] = "fixed-version: Fixed from version 6.3rc1" CVE_STATUS[CVE-2023-2513] = "fixed-version: Fixed from version 6.0rc1" -# CVE-2023-25775 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-25775] = "cpe-stable-backport: Backported in 6.5.3" CVE_STATUS[CVE-2023-2598] = "fixed-version: Fixed from version 6.4rc1" @@ -4856,7 +4856,7 @@ CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7" CVE_STATUS[CVE-2023-31084] = "fixed-version: Fixed from version 6.4rc3" -# CVE-2023-31085 needs backporting (fixed from 6.6rc5) +CVE_STATUS[CVE-2023-31085] = "cpe-stable-backport: Backported in 6.5.7" CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2" @@ -4936,7 +4936,7 @@ CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed from version 6.4rc2" CVE_STATUS[CVE-2023-34319] = "fixed-version: Fixed from version 6.5rc6" -# CVE-2023-34324 needs backporting (fixed from 6.6rc6) +CVE_STATUS[CVE-2023-34324] = "cpe-stable-backport: Backported in 6.5.7" CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5" @@ -4954,7 +4954,7 @@ CVE_STATUS[CVE-2023-35824] = "fixed-version: Fixed from version 6.4rc1" CVE_STATUS[CVE-2023-35826] = "fixed-version: Fixed from version 6.4rc1" -# CVE-2023-35827 has no known resolution +CVE_STATUS[CVE-2023-35827] = "cpe-stable-backport: Backported in 6.5.8" CVE_STATUS[CVE-2023-35828] = "fixed-version: Fixed from version 6.4rc1" @@ -4968,7 +4968,7 @@ CVE_STATUS[CVE-2023-3611] = "fixed-version: Fixed from version 6.5rc2" # CVE-2023-3640 has no known resolution -# CVE-2023-37453 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-37453] = "cpe-stable-backport: Backported in 6.5.3" # CVE-2023-37454 has no known resolution @@ -5006,13 +5006,13 @@ CVE_STATUS[CVE-2023-3866] = "fixed-version: Fixed from version 6.4" CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5rc1" -# CVE-2023-39189 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-39189] = "cpe-stable-backport: Backported in 6.5.4" CVE_STATUS[CVE-2023-39191] = "fixed-version: Fixed from version 6.3rc1" -# CVE-2023-39192 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-39192] = "cpe-stable-backport: Backported in 6.5.3" -# CVE-2023-39193 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-39193] = "cpe-stable-backport: Backported in 6.5.3" CVE_STATUS[CVE-2023-39194] = "fixed-version: Fixed from version 6.5rc7" @@ -5050,15 +5050,15 @@ CVE_STATUS[CVE-2023-4244] = "fixed-version: Fixed from version 6.5rc7" CVE_STATUS[CVE-2023-4273] = "fixed-version: Fixed from version 6.5rc5" -# CVE-2023-42752 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-42752] = "cpe-stable-backport: Backported in 6.5.3" -# CVE-2023-42753 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.5.3" -# CVE-2023-42754 needs backporting (fixed from 6.6rc3) +CVE_STATUS[CVE-2023-42754] = "cpe-stable-backport: Backported in 6.5.6" CVE_STATUS[CVE-2023-42755] = "fixed-version: Fixed from version 6.3rc1" -# CVE-2023-42756 needs backporting (fixed from 6.6rc3) +CVE_STATUS[CVE-2023-42756] = "cpe-stable-backport: Backported in 6.5.6" CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1" @@ -5080,27 +5080,41 @@ CVE_STATUS[CVE-2023-45862] = "fixed-version: Fixed from version 6.3rc1" CVE_STATUS[CVE-2023-45863] = "fixed-version: Fixed from version 6.3rc1" -# CVE-2023-45871 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.5.3" -# CVE-2023-45898 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-45898] = "cpe-stable-backport: Backported in 6.5.4" -# CVE-2023-4610 has no known resolution +CVE_STATUS[CVE-2023-4610] = "fixed-version: Fixed from version 6.4" CVE_STATUS[CVE-2023-4611] = "fixed-version: Fixed from version 6.5rc4" CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1" -# CVE-2023-4623 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.5.3" + +CVE_STATUS[CVE-2023-46813] = "cpe-stable-backport: Backported in 6.5.9" + +CVE_STATUS[CVE-2023-46862] = "cpe-stable-backport: Backported in 6.5.10" + +# CVE-2023-47233 has no known resolution CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1" -# CVE-2023-4881 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.5.4" + +CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.5.4" + +CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.5.9" + +CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.5.7" + +CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.5.9" -# CVE-2023-4921 needs backporting (fixed from 6.6rc1) +CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.5.6" -# CVE-2023-5158 has no known resolution +CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.5.6" -# CVE-2023-5197 needs backporting (fixed from 6.6rc3) +CVE_STATUS[CVE-2023-5633] = "cpe-stable-backport: Backported in 6.5.8" -# CVE-2023-5345 needs backporting (fixed from 6.6rc4) +CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.5.9"