[kirkstone,08/22] cve-exclusion_5.10.inc: update for 5.10.209

Message ID	29fc80648be1b2ad70df8df9545aae4279f11df3.1708897822.git.steve@sakoman.com
State	Accepted, archived
Commit	29fc80648be1b2ad70df8df9545aae4279f11df3
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.161.43, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 08/22] cve-exclusion_5.10.inc: update for 5.10.209 Date: Sun, 25 Feb 2024 11:52:27 -1000 Message-Id: <29fc80648be1b2ad70df8df9545aae4279f11df3.1708897822.git.steve@sakoman.com> In-Reply-To: <cover.1708897822.git.steve@sakoman.com> References: <cover.1708897822.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/22] go: add a complementary fix for CVE-2023-29406 \| expand [kirkstone,01/22] go: add a complementary fix for CVE-2023-29406 [kirkstone,02/22] libuv: fix CVE-2024-24806 [kirkstone,03/22] vim: upgrade v9.0.2130 -> v9.0.2190 [kirkstone,04/22] linux-yocto/5.10: update to v5.10.203 [kirkstone,05/22] linux-yocto/5.10: update to v5.10.205 [kirkstone,06/22] linux-yocto/5.10: update to v5.10.206 [kirkstone,07/22] linux-yocto/5.10: update to v5.10.209 [kirkstone,08/22] cve-exclusion_5.10.inc: update for 5.10.209 [kirkstone,09/22] linux-yocto/5.15: update to v5.15.141 [kirkstone,10/22] linux-yocto/5.15: update to v5.15.142 [kirkstone,11/22] linux-yocto/5.15: update to v5.15.145 [kirkstone,12/22] linux-yocto/5.15: update to v5.15.146 [kirkstone,13/22] linux-yocto/5.15: update CVE exclusions [kirkstone,14/22] linux-yocto/5.15: update to v5.15.147 [kirkstone,15/22] linux-yocto/5.15: update CVE exclusions [kirkstone,16/22] linux-yocto/5.15: update to v5.15.148 [kirkstone,17/22] linux-yocto/5.15: update CVE exclusions [kirkstone,18/22] curl: don't enable debug builds [kirkstone,19/22] cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES [kirkstone,20/22] ldconfig-native: Fix to point correctly on the DT_NEEDED entries in an ELF file [kirkstone,21/22] oeqa/selftest/runtime_test: only run the virgl tests on qemux86-64 [kirkstone,22/22] runqemu: direct mesa to use its own drivers, rather than ones provided by host di…

diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc index 583d81d0f2..4d959c90b1 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_5.10.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_5.10.inc @@ -1,9 +1,9 @@ # Auto-generated CVE metadata, DO NOT EDIT BY HAND. -# Generated at 2023-12-05 05:25:07.507188 for version 5.10.202 +# Generated at 2024-02-21 03:55:27.305577 for version 5.10.209 python check_kernel_cve_status_version() { - this_version = "5.10.202" + this_version = "5.10.209" kernel_version = d.getVar("LINUX_VERSION") if kernel_version != this_version: bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) @@ -5293,6 +5293,12 @@ CVE_CHECK_IGNORE += "CVE-2021-3348" # cpe-stable-backport: Backported in 5.10.46 CVE_CHECK_IGNORE += "CVE-2021-33624" +# fixed-version: Fixed after version 5.4rc1 +CVE_CHECK_IGNORE += "CVE-2021-33630" + +# cpe-stable-backport: Backported in 5.10.177 +CVE_CHECK_IGNORE += "CVE-2021-33631" + # cpe-stable-backport: Backported in 5.10.130 CVE_CHECK_IGNORE += "CVE-2021-33655" @@ -5822,7 +5828,8 @@ CVE_CHECK_IGNORE += "CVE-2022-1419" # cpe-stable-backport: Backported in 5.10.134 CVE_CHECK_IGNORE += "CVE-2022-1462" -# CVE-2022-1508 needs backporting (fixed from 5.15rc1) +# fixed-version: only affects 5.11rc1 onwards +CVE_CHECK_IGNORE += "CVE-2022-1508" # cpe-stable-backport: Backported in 5.10.110 CVE_CHECK_IGNORE += "CVE-2022-1516" @@ -6370,7 +6377,8 @@ CVE_CHECK_IGNORE += "CVE-2022-3635" # fixed-version: only affects 5.19 onwards CVE_CHECK_IGNORE += "CVE-2022-3640" -# CVE-2022-36402 has no known resolution +# cpe-stable-backport: Backported in 5.10.193 +CVE_CHECK_IGNORE += "CVE-2022-36402" # CVE-2022-3642 has no known resolution @@ -6600,6 +6608,9 @@ CVE_CHECK_IGNORE += "CVE-2022-48425" # fixed-version: only affects 5.15rc1 onwards CVE_CHECK_IGNORE += "CVE-2022-48502" +# cpe-stable-backport: Backported in 5.10.118 +CVE_CHECK_IGNORE += "CVE-2022-48619" + # fixed-version: Fixed after version 5.0rc1 CVE_CHECK_IGNORE += "CVE-2023-0030" @@ -6719,6 +6730,8 @@ CVE_CHECK_IGNORE += "CVE-2023-1382" # cpe-stable-backport: Backported in 5.10.10 CVE_CHECK_IGNORE += "CVE-2023-1390" +# CVE-2023-1476 has no known resolution + # cpe-stable-backport: Backported in 5.10.169 CVE_CHECK_IGNORE += "CVE-2023-1513" @@ -6891,7 +6904,8 @@ CVE_CHECK_IGNORE += "CVE-2023-23559" # CVE-2023-23586 needs backporting (fixed from 5.12rc1) -# CVE-2023-2430 needs backporting (fixed from 6.2rc5) +# fixed-version: only affects 5.18rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-2430" # cpe-stable-backport: Backported in 5.10.177 CVE_CHECK_IGNORE += "CVE-2023-2483" @@ -7221,7 +7235,8 @@ CVE_CHECK_IGNORE += "CVE-2023-39194" # cpe-stable-backport: Backported in 5.10.188 CVE_CHECK_IGNORE += "CVE-2023-39197" -# CVE-2023-39198 needs backporting (fixed from 6.5rc7) +# cpe-stable-backport: Backported in 5.10.208 +CVE_CHECK_IGNORE += "CVE-2023-39198" # cpe-stable-backport: Backported in 5.10.188 CVE_CHECK_IGNORE += "CVE-2023-4004" @@ -7322,7 +7337,8 @@ CVE_CHECK_IGNORE += "CVE-2023-45871" # fixed-version: only affects 6.5rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-45898" -# CVE-2023-4610 needs backporting (fixed from 6.4) +# fixed-version: only affects 6.4rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-4610" # fixed-version: only affects 6.4rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-4611" @@ -7332,9 +7348,15 @@ CVE_CHECK_IGNORE += "CVE-2023-4611" # cpe-stable-backport: Backported in 5.10.195 CVE_CHECK_IGNORE += "CVE-2023-4623" +# cpe-stable-backport: Backported in 5.10.199 +CVE_CHECK_IGNORE += "CVE-2023-46343" + # cpe-stable-backport: Backported in 5.10.199 CVE_CHECK_IGNORE += "CVE-2023-46813" +# cpe-stable-backport: Backported in 5.10.209 +CVE_CHECK_IGNORE += "CVE-2023-46838" + # cpe-stable-backport: Backported in 5.10.202 CVE_CHECK_IGNORE += "CVE-2023-46862" @@ -7349,18 +7371,41 @@ CVE_CHECK_IGNORE += "CVE-2023-4881" # cpe-stable-backport: Backported in 5.10.195 CVE_CHECK_IGNORE += "CVE-2023-4921" +# CVE-2023-50431 needs backporting (fixed from 6.8rc1) + # fixed-version: only affects 6.0rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5090" +# cpe-stable-backport: Backported in 5.10.192 +CVE_CHECK_IGNORE += "CVE-2023-51042" + +# cpe-stable-backport: Backported in 5.10.188 +CVE_CHECK_IGNORE += "CVE-2023-51043" + # fixed-version: only affects 5.13rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5158" +# cpe-stable-backport: Backported in 5.10.206 +CVE_CHECK_IGNORE += "CVE-2023-51779" + # cpe-stable-backport: Backported in 5.10.199 CVE_CHECK_IGNORE += "CVE-2023-5178" +# cpe-stable-backport: Backported in 5.10.205 +CVE_CHECK_IGNORE += "CVE-2023-51780" + +# cpe-stable-backport: Backported in 5.10.205 +CVE_CHECK_IGNORE += "CVE-2023-51781" + +# cpe-stable-backport: Backported in 5.10.205 +CVE_CHECK_IGNORE += "CVE-2023-51782" + # cpe-stable-backport: Backported in 5.10.198 CVE_CHECK_IGNORE += "CVE-2023-5197" +# cpe-stable-backport: Backported in 5.10.208 +CVE_CHECK_IGNORE += "CVE-2023-52340" + # fixed-version: only affects 6.1rc1 onwards CVE_CHECK_IGNORE += "CVE-2023-5345" @@ -7370,17 +7415,151 @@ CVE_CHECK_IGNORE += "CVE-2023-5633" # cpe-stable-backport: Backported in 5.10.199 CVE_CHECK_IGNORE += "CVE-2023-5717" -# CVE-2023-5972 needs backporting (fixed from 6.6rc7) +# fixed-version: only affects 6.2rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-5972" + +# fixed-version: only affects 5.15rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6039" -# CVE-2023-6039 needs backporting (fixed from 6.5rc5) +# cpe-stable-backport: Backported in 5.10.208 +CVE_CHECK_IGNORE += "CVE-2023-6040" # fixed-version: only affects 6.6rc3 onwards CVE_CHECK_IGNORE += "CVE-2023-6111" -# CVE-2023-6121 needs backporting (fixed from 6.7rc3) +# cpe-stable-backport: Backported in 5.10.203 +CVE_CHECK_IGNORE += "CVE-2023-6121" # cpe-stable-backport: Backported in 5.10.195 CVE_CHECK_IGNORE += "CVE-2023-6176" +# fixed-version: only affects 6.6rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6200" + # CVE-2023-6238 has no known resolution +# CVE-2023-6240 has no known resolution + +# CVE-2023-6270 has no known resolution + +# CVE-2023-6356 has no known resolution + +# fixed-version: only affects 6.1rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6531" + +# CVE-2023-6535 has no known resolution + +# CVE-2023-6536 has no known resolution + +# cpe-stable-backport: Backported in 5.10.192 +CVE_CHECK_IGNORE += "CVE-2023-6546" + +# CVE-2023-6560 needs backporting (fixed from 6.7rc4) + +# cpe-stable-backport: Backported in 5.10.206 +CVE_CHECK_IGNORE += "CVE-2023-6606" + +# CVE-2023-6610 needs backporting (fixed from 6.7rc7) + +# fixed-version: only affects 5.11rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6622" + +# fixed-version: only affects 6.7rc1 onwards +CVE_CHECK_IGNORE += "CVE-2023-6679" + +# cpe-stable-backport: Backported in 5.10.204 +CVE_CHECK_IGNORE += "CVE-2023-6817" + +# cpe-stable-backport: Backported in 5.10.209 +CVE_CHECK_IGNORE += "CVE-2023-6915" + +# cpe-stable-backport: Backported in 5.10.204 +CVE_CHECK_IGNORE += "CVE-2023-6931" + +# cpe-stable-backport: Backported in 5.10.203 +CVE_CHECK_IGNORE += "CVE-2023-6932" + +# CVE-2023-7042 has no known resolution + +# cpe-stable-backport: Backported in 5.10.173 +CVE_CHECK_IGNORE += "CVE-2023-7192" + +# fixed-version: only affects 6.5rc6 onwards +CVE_CHECK_IGNORE += "CVE-2024-0193" + +# CVE-2024-0340 needs backporting (fixed from 6.4rc6) + +# fixed-version: only affects 6.2rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-0443" + +# fixed-version: only affects 5.15rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-0562" + +# CVE-2024-0564 has no known resolution + +# CVE-2024-0565 needs backporting (fixed from 6.7rc6) + +# fixed-version: only affects 6.4rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-0582" + +# cpe-stable-backport: Backported in 5.10.203 +CVE_CHECK_IGNORE += "CVE-2024-0584" + +# CVE-2024-0607 needs backporting (fixed from 6.7rc2) + +# fixed-version: only affects 5.13rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-0639" + +# cpe-stable-backport: Backported in 5.10.198 +CVE_CHECK_IGNORE += "CVE-2024-0641" + +# cpe-stable-backport: Backported in 5.10.208 +CVE_CHECK_IGNORE += "CVE-2024-0646" + +# cpe-stable-backport: Backported in 5.10.180 +CVE_CHECK_IGNORE += "CVE-2024-0775" + +# CVE-2024-0841 has no known resolution + +# fixed-version: only affects 5.13rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-1085" + +# CVE-2024-1086 needs backporting (fixed from 6.8rc2) + +# CVE-2024-1312 needs backporting (fixed from 6.5rc4) + +# CVE-2024-21803 has no known resolution + +# CVE-2024-22099 has no known resolution + +# CVE-2024-22386 has no known resolution + +# fixed-version: only affects 5.15rc1 onwards +CVE_CHECK_IGNORE += "CVE-2024-22705" + +# CVE-2024-23196 has no known resolution + +# CVE-2024-23307 has no known resolution + +# CVE-2024-23848 has no known resolution + +# CVE-2024-23849 needs backporting (fixed from 6.8rc2) + +# CVE-2024-23850 has no known resolution + +# CVE-2024-23851 has no known resolution + +# CVE-2024-24855 has no known resolution + +# CVE-2024-24857 has no known resolution + +# CVE-2024-24858 has no known resolution + +# CVE-2024-24859 has no known resolution + +# CVE-2024-24860 has no known resolution + +# CVE-2024-24861 has no known resolution + +# CVE-2024-24864 has no known resolution +

[kirkstone,08/22] cve-exclusion_5.10.inc: update for 5.10.209

Commit Message

Patch