diff mbox series

linux/cve-exclusion6.1/6.5: Update to latest kernel point releases

Message ID 20231109171353.1715618-1-richard.purdie@linuxfoundation.org
State Accepted, archived
Commit e17b76644b26ef832b632a03f537060f88344bd8
Headers show
Series linux/cve-exclusion6.1/6.5: Update to latest kernel point releases | expand

Commit Message

Richard Purdie Nov. 9, 2023, 5:13 p.m. UTC 
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../linux/cve-exclusion_6.1.inc               | 30 ++++++---
 .../linux/cve-exclusion_6.5.inc               | 62 ++++++++++++-------
 2 files changed, 60 insertions(+), 32 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 3f708b0cc51..1216e0c2ddd 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,9 +1,9 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-10-23 14:03:17.479563+00:00 for version 6.1.57
+# Generated at 2023-11-09 17:12:27.365962+00:00 for version 6.1.61
 
 python check_kernel_cve_status_version() {
-    this_version = "6.1.57"
+    this_version = "6.1.61"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4644,7 +4644,7 @@  CVE_STATUS[CVE-2023-1118] = "cpe-stable-backport: Backported in 6.1.16"
 
 CVE_STATUS[CVE-2023-1192] = "cpe-stable-backport: Backported in 6.1.33"
 
-# CVE-2023-1193 has no known resolution
+# CVE-2023-1193 needs backporting (fixed from 6.3rc6)
 
 CVE_STATUS[CVE-2023-1194] = "cpe-stable-backport: Backported in 6.1.34"
 
@@ -4954,7 +4954,7 @@  CVE_STATUS[CVE-2023-35824] = "cpe-stable-backport: Backported in 6.1.28"
 
 CVE_STATUS[CVE-2023-35826] = "cpe-stable-backport: Backported in 6.1.28"
 
-# CVE-2023-35827 has no known resolution
+CVE_STATUS[CVE-2023-35827] = "cpe-stable-backport: Backported in 6.1.59"
 
 CVE_STATUS[CVE-2023-35828] = "cpe-stable-backport: Backported in 6.1.28"
 
@@ -5024,7 +5024,7 @@  CVE_STATUS[CVE-2023-4015] = "cpe-stable-backport: Backported in 6.1.43"
 
 CVE_STATUS[CVE-2023-40283] = "cpe-stable-backport: Backported in 6.1.45"
 
-# CVE-2023-40791 needs backporting (fixed from 6.5rc6)
+CVE_STATUS[CVE-2023-40791] = "fixed-version: only affects 6.3rc1 onwards"
 
 CVE_STATUS[CVE-2023-4128] = "cpe-stable-backport: Backported in 6.1.45"
 
@@ -5082,9 +5082,9 @@  CVE_STATUS[CVE-2023-45863] = "cpe-stable-backport: Backported in 6.1.16"
 
 CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.1.53"
 
-# CVE-2023-45898 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-45898] = "fixed-version: only affects 6.5rc1 onwards"
 
-# CVE-2023-4610 has no known resolution
+# CVE-2023-4610 needs backporting (fixed from 6.4)
 
 CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
 
@@ -5092,15 +5092,29 @@  CVE_STATUS[CVE-2023-4611] = "fixed-version: only affects 6.4rc1 onwards"
 
 CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.1.53"
 
+CVE_STATUS[CVE-2023-46813] = "cpe-stable-backport: Backported in 6.1.60"
+
+CVE_STATUS[CVE-2023-46862] = "cpe-stable-backport: Backported in 6.1.61"
+
+# CVE-2023-47233 has no known resolution
+
 CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1"
 
 CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.1.54"
 
 CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.1.54"
 
-# CVE-2023-5158 has no known resolution
+# CVE-2023-5090 needs backporting (fixed from 6.6rc7)
+
+CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.1.57"
+
+CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.1.60"
 
 CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.1.56"
 
 CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.1.56"
 
+# CVE-2023-5633 needs backporting (fixed from 6.6rc6)
+
+CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.1.60"
+
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc
index 69cf7908441..b4086d436c4 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.5.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.5.inc
@@ -1,9 +1,9 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-10-23 14:03:24.529766+00:00 for version 6.5.7
+# Generated at 2023-11-09 17:13:01.267965+00:00 for version 6.5.10
 
 python check_kernel_cve_status_version() {
-    this_version = "6.5.7"
+    this_version = "6.5.10"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -4644,7 +4644,7 @@  CVE_STATUS[CVE-2023-1118] = "fixed-version: Fixed from version 6.3rc1"
 
 CVE_STATUS[CVE-2023-1192] = "fixed-version: Fixed from version 6.4rc1"
 
-# CVE-2023-1193 has no known resolution
+CVE_STATUS[CVE-2023-1193] = "fixed-version: Fixed from version 6.3rc6"
 
 CVE_STATUS[CVE-2023-1194] = "fixed-version: Fixed from version 6.4rc6"
 
@@ -4796,7 +4796,7 @@  CVE_STATUS[CVE-2023-25012] = "fixed-version: Fixed from version 6.3rc1"
 
 CVE_STATUS[CVE-2023-2513] = "fixed-version: Fixed from version 6.0rc1"
 
-# CVE-2023-25775 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-25775] = "cpe-stable-backport: Backported in 6.5.3"
 
 CVE_STATUS[CVE-2023-2598] = "fixed-version: Fixed from version 6.4rc1"
 
@@ -4856,7 +4856,7 @@  CVE_STATUS[CVE-2023-3106] = "fixed-version: Fixed from version 4.8rc7"
 
 CVE_STATUS[CVE-2023-31084] = "fixed-version: Fixed from version 6.4rc3"
 
-# CVE-2023-31085 needs backporting (fixed from 6.6rc5)
+CVE_STATUS[CVE-2023-31085] = "cpe-stable-backport: Backported in 6.5.7"
 
 CVE_STATUS[CVE-2023-3111] = "fixed-version: Fixed from version 6.0rc2"
 
@@ -4936,7 +4936,7 @@  CVE_STATUS[CVE-2023-34256] = "fixed-version: Fixed from version 6.4rc2"
 
 CVE_STATUS[CVE-2023-34319] = "fixed-version: Fixed from version 6.5rc6"
 
-# CVE-2023-34324 needs backporting (fixed from 6.6rc6)
+CVE_STATUS[CVE-2023-34324] = "cpe-stable-backport: Backported in 6.5.7"
 
 CVE_STATUS[CVE-2023-3439] = "fixed-version: Fixed from version 5.18rc5"
 
@@ -4954,7 +4954,7 @@  CVE_STATUS[CVE-2023-35824] = "fixed-version: Fixed from version 6.4rc1"
 
 CVE_STATUS[CVE-2023-35826] = "fixed-version: Fixed from version 6.4rc1"
 
-# CVE-2023-35827 has no known resolution
+CVE_STATUS[CVE-2023-35827] = "cpe-stable-backport: Backported in 6.5.8"
 
 CVE_STATUS[CVE-2023-35828] = "fixed-version: Fixed from version 6.4rc1"
 
@@ -4968,7 +4968,7 @@  CVE_STATUS[CVE-2023-3611] = "fixed-version: Fixed from version 6.5rc2"
 
 # CVE-2023-3640 has no known resolution
 
-# CVE-2023-37453 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-37453] = "cpe-stable-backport: Backported in 6.5.3"
 
 # CVE-2023-37454 has no known resolution
 
@@ -5006,13 +5006,13 @@  CVE_STATUS[CVE-2023-3866] = "fixed-version: Fixed from version 6.4"
 
 CVE_STATUS[CVE-2023-3867] = "fixed-version: Fixed from version 6.5rc1"
 
-# CVE-2023-39189 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-39189] = "cpe-stable-backport: Backported in 6.5.4"
 
 CVE_STATUS[CVE-2023-39191] = "fixed-version: Fixed from version 6.3rc1"
 
-# CVE-2023-39192 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-39192] = "cpe-stable-backport: Backported in 6.5.3"
 
-# CVE-2023-39193 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-39193] = "cpe-stable-backport: Backported in 6.5.3"
 
 CVE_STATUS[CVE-2023-39194] = "fixed-version: Fixed from version 6.5rc7"
 
@@ -5050,15 +5050,15 @@  CVE_STATUS[CVE-2023-4244] = "fixed-version: Fixed from version 6.5rc7"
 
 CVE_STATUS[CVE-2023-4273] = "fixed-version: Fixed from version 6.5rc5"
 
-# CVE-2023-42752 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-42752] = "cpe-stable-backport: Backported in 6.5.3"
 
-# CVE-2023-42753 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-42753] = "cpe-stable-backport: Backported in 6.5.3"
 
-# CVE-2023-42754 needs backporting (fixed from 6.6rc3)
+CVE_STATUS[CVE-2023-42754] = "cpe-stable-backport: Backported in 6.5.6"
 
 CVE_STATUS[CVE-2023-42755] = "fixed-version: Fixed from version 6.3rc1"
 
-# CVE-2023-42756 needs backporting (fixed from 6.6rc3)
+CVE_STATUS[CVE-2023-42756] = "cpe-stable-backport: Backported in 6.5.6"
 
 CVE_STATUS[CVE-2023-4385] = "fixed-version: Fixed from version 5.19rc1"
 
@@ -5080,27 +5080,41 @@  CVE_STATUS[CVE-2023-45862] = "fixed-version: Fixed from version 6.3rc1"
 
 CVE_STATUS[CVE-2023-45863] = "fixed-version: Fixed from version 6.3rc1"
 
-# CVE-2023-45871 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-45871] = "cpe-stable-backport: Backported in 6.5.3"
 
-# CVE-2023-45898 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-45898] = "cpe-stable-backport: Backported in 6.5.4"
 
-# CVE-2023-4610 has no known resolution
+CVE_STATUS[CVE-2023-4610] = "fixed-version: Fixed from version 6.4"
 
 CVE_STATUS[CVE-2023-4611] = "fixed-version: Fixed from version 6.5rc4"
 
 CVE_STATUS[CVE-2023-4622] = "fixed-version: Fixed from version 6.5rc1"
 
-# CVE-2023-4623 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-4623] = "cpe-stable-backport: Backported in 6.5.3"
+
+CVE_STATUS[CVE-2023-46813] = "cpe-stable-backport: Backported in 6.5.9"
+
+CVE_STATUS[CVE-2023-46862] = "cpe-stable-backport: Backported in 6.5.10"
+
+# CVE-2023-47233 has no known resolution
 
 CVE_STATUS[CVE-2023-4732] = "fixed-version: Fixed from version 5.14rc1"
 
-# CVE-2023-4881 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-4881] = "cpe-stable-backport: Backported in 6.5.4"
+
+CVE_STATUS[CVE-2023-4921] = "cpe-stable-backport: Backported in 6.5.4"
+
+CVE_STATUS[CVE-2023-5090] = "cpe-stable-backport: Backported in 6.5.9"
+
+CVE_STATUS[CVE-2023-5158] = "cpe-stable-backport: Backported in 6.5.7"
+
+CVE_STATUS[CVE-2023-5178] = "cpe-stable-backport: Backported in 6.5.9"
 
-# CVE-2023-4921 needs backporting (fixed from 6.6rc1)
+CVE_STATUS[CVE-2023-5197] = "cpe-stable-backport: Backported in 6.5.6"
 
-# CVE-2023-5158 has no known resolution
+CVE_STATUS[CVE-2023-5345] = "cpe-stable-backport: Backported in 6.5.6"
 
-# CVE-2023-5197 needs backporting (fixed from 6.6rc3)
+CVE_STATUS[CVE-2023-5633] = "cpe-stable-backport: Backported in 6.5.8"
 
-# CVE-2023-5345 needs backporting (fixed from 6.6rc4)
+CVE_STATUS[CVE-2023-5717] = "cpe-stable-backport: Backported in 6.5.9"