diff mbox series

[dunfell,8/9] cve-exclusion_5.4.inc: update for 5.4.268

Message ID 7360603c50ca61ec9d6a49798ec6b67a80e93c69.1708612053.git.steve@sakoman.com
State Accepted, archived
Commit 7360603c50ca61ec9d6a49798ec6b67a80e93c69
Delegated to: Steve Sakoman
Headers show
Series [dunfell,1/9] gcc-shared-source: whitelist CVE-2023-4039 | expand

Commit Message

Steve Sakoman Feb. 22, 2024, 2:30 p.m. UTC 
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/cve-exclusion_5.4.inc               | 199 +++++++++++++++++-
 1 file changed, 188 insertions(+), 11 deletions(-)

Comments

patchtest@automation.yoctoproject.org Feb. 22, 2024, 2:47 p.m. UTC | #1 
Thank you for your submission. Patchtest identified one
or more issues with the patch. Please see the log below for
more information:

---
Testing patch /home/patchtest/share/mboxes/dunfell-8-9-cve-exclusion_5.4.inc-update-for-5.4.268.patch

FAIL: test commit message presence: Please include a commit message on your patch explaining the change (test_mbox.TestMbox.test_commit_message_presence)

PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence)
PASS: test author valid (test_mbox.TestMbox.test_author_valid)
PASS: test mbox format (test_mbox.TestMbox.test_mbox_format)
PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade)
PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format)
PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length)

SKIP: test CVE tag format: No new CVE patches introduced (test_patch.TestPatch.test_cve_tag_format)
SKIP: test Signed-off-by presence: No new CVE patches introduced (test_patch.TestPatch.test_signed_off_by_presence)
SKIP: test Upstream-Status presence: No new CVE patches introduced (test_patch.TestPatch.test_upstream_status_presence_format)
SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format)
SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint)
SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head)
SKIP: test target mailing list: Series merged, no reason to check other mailing lists (test_mbox.TestMbox.test_target_mailing_list)

---

Please address the issues identified and
submit a new revision of the patch, or alternatively, reply to this
email with an explanation of why the patch should be accepted. If you
believe these results are due to an error in patchtest, please submit a
bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category
under 'Yocto Project Subprojects'). For more information on specific
failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank
you!
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
index 983424d427..79caff7c6c 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc
@@ -1,9 +1,9 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-12-05 04:45:42.561193 for version 5.4.262
+# Generated at 2024-02-21 03:40:25.997343 for version 5.4.268
 
 python check_kernel_cve_status_version() {
-    this_version = "5.4.262"
+    this_version = "5.4.268"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -5281,6 +5281,12 @@  CVE_CHECK_WHITELIST += "CVE-2021-3348"
 # cpe-stable-backport: Backported in 5.4.139
 CVE_CHECK_WHITELIST += "CVE-2021-33624"
 
+# fixed-version: Fixed after version 5.4rc1
+CVE_CHECK_WHITELIST += "CVE-2021-33630"
+
+# cpe-stable-backport: Backported in 5.4.240
+CVE_CHECK_WHITELIST += "CVE-2021-33631"
+
 # cpe-stable-backport: Backported in 5.4.205
 CVE_CHECK_WHITELIST += "CVE-2021-33655"
 
@@ -5810,7 +5816,8 @@  CVE_CHECK_WHITELIST += "CVE-2022-1419"
 # cpe-stable-backport: Backported in 5.4.208
 CVE_CHECK_WHITELIST += "CVE-2022-1462"
 
-# CVE-2022-1508 needs backporting (fixed from 5.15rc1)
+# fixed-version: only affects 5.11rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2022-1508"
 
 # fixed-version: only affects 5.7rc5 onwards
 CVE_CHECK_WHITELIST += "CVE-2022-1516"
@@ -6356,7 +6363,7 @@  CVE_CHECK_WHITELIST += "CVE-2022-3635"
 # fixed-version: only affects 5.19 onwards
 CVE_CHECK_WHITELIST += "CVE-2022-3640"
 
-# CVE-2022-36402 has no known resolution
+# CVE-2022-36402 needs backporting (fixed from 6.5)
 
 # CVE-2022-3642 has no known resolution
 
@@ -6585,6 +6592,9 @@  CVE_CHECK_WHITELIST += "CVE-2022-48425"
 # fixed-version: only affects 5.15rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2022-48502"
 
+# cpe-stable-backport: Backported in 5.4.196
+CVE_CHECK_WHITELIST += "CVE-2022-48619"
+
 # fixed-version: Fixed after version 5.0rc1
 CVE_CHECK_WHITELIST += "CVE-2023-0030"
 
@@ -6702,6 +6712,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-1382"
 # cpe-stable-backport: Backported in 5.4.92
 CVE_CHECK_WHITELIST += "CVE-2023-1390"
 
+# CVE-2023-1476 has no known resolution
+
 # cpe-stable-backport: Backported in 5.4.232
 CVE_CHECK_WHITELIST += "CVE-2023-1513"
 
@@ -6873,7 +6885,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-23559"
 # fixed-version: only affects 5.10rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-23586"
 
-# CVE-2023-2430 needs backporting (fixed from 6.2rc5)
+# fixed-version: only affects 5.18rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-2430"
 
 # cpe-stable-backport: Backported in 5.4.240
 CVE_CHECK_WHITELIST += "CVE-2023-2483"
@@ -7303,7 +7316,8 @@  CVE_CHECK_WHITELIST += "CVE-2023-45871"
 # fixed-version: only affects 6.5rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-45898"
 
-# CVE-2023-4610 needs backporting (fixed from 6.4)
+# fixed-version: only affects 6.4rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4610"
 
 # fixed-version: only affects 6.4rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-4611"
@@ -7313,32 +7327,62 @@  CVE_CHECK_WHITELIST += "CVE-2023-4611"
 # cpe-stable-backport: Backported in 5.4.257
 CVE_CHECK_WHITELIST += "CVE-2023-4623"
 
+# cpe-stable-backport: Backported in 5.4.259
+CVE_CHECK_WHITELIST += "CVE-2023-46343"
+
 # fixed-version: only affects 5.10rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-46813"
 
-# CVE-2023-46862 needs backporting (fixed from 6.6)
+# cpe-stable-backport: Backported in 5.4.268
+CVE_CHECK_WHITELIST += "CVE-2023-46838"
+
+# fixed-version: only affects 5.10rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-46862"
 
 # CVE-2023-47233 has no known resolution
 
-# CVE-2023-4732 needs backporting (fixed from 5.14rc1)
+# fixed-version: only affects 5.7rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-4732"
 
 # CVE-2023-4881 needs backporting (fixed from 6.6rc1)
 
 # cpe-stable-backport: Backported in 5.4.257
 CVE_CHECK_WHITELIST += "CVE-2023-4921"
 
+# CVE-2023-50431 needs backporting (fixed from 6.8rc1)
+
 # fixed-version: only affects 6.0rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-5090"
 
+# cpe-stable-backport: Backported in 5.4.255
+CVE_CHECK_WHITELIST += "CVE-2023-51042"
+
+# cpe-stable-backport: Backported in 5.4.251
+CVE_CHECK_WHITELIST += "CVE-2023-51043"
+
 # fixed-version: only affects 5.13rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-5158"
 
+# CVE-2023-51779 needs backporting (fixed from 6.7rc7)
+
 # cpe-stable-backport: Backported in 5.4.260
 CVE_CHECK_WHITELIST += "CVE-2023-5178"
 
+# cpe-stable-backport: Backported in 5.4.265
+CVE_CHECK_WHITELIST += "CVE-2023-51780"
+
+# cpe-stable-backport: Backported in 5.4.265
+CVE_CHECK_WHITELIST += "CVE-2023-51781"
+
+# cpe-stable-backport: Backported in 5.4.265
+CVE_CHECK_WHITELIST += "CVE-2023-51782"
+
 # fixed-version: only affects 5.9rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-5197"
 
+# cpe-stable-backport: Backported in 5.4.267
+CVE_CHECK_WHITELIST += "CVE-2023-52340"
+
 # fixed-version: only affects 6.1rc1 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-5345"
 
@@ -7348,17 +7392,150 @@  CVE_CHECK_WHITELIST += "CVE-2023-5633"
 # cpe-stable-backport: Backported in 5.4.259
 CVE_CHECK_WHITELIST += "CVE-2023-5717"
 
-# CVE-2023-5972 needs backporting (fixed from 6.6rc7)
+# fixed-version: only affects 6.2rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-5972"
+
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-6039"
 
-# CVE-2023-6039 needs backporting (fixed from 6.5rc5)
+# cpe-stable-backport: Backported in 5.4.267
+CVE_CHECK_WHITELIST += "CVE-2023-6040"
 
 # fixed-version: only affects 6.6rc3 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-6111"
 
-# CVE-2023-6121 needs backporting (fixed from 6.7rc3)
+# cpe-stable-backport: Backported in 5.4.263
+CVE_CHECK_WHITELIST += "CVE-2023-6121"
 
 # fixed-version: only affects 5.7rc7 onwards
 CVE_CHECK_WHITELIST += "CVE-2023-6176"
 
+# fixed-version: only affects 6.6rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-6200"
+
 # CVE-2023-6238 has no known resolution
 
+# CVE-2023-6240 has no known resolution
+
+# CVE-2023-6270 has no known resolution
+
+# CVE-2023-6356 has no known resolution
+
+# fixed-version: only affects 6.1rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-6531"
+
+# CVE-2023-6535 has no known resolution
+
+# CVE-2023-6536 has no known resolution
+
+# CVE-2023-6546 needs backporting (fixed from 6.5rc7)
+
+# CVE-2023-6560 needs backporting (fixed from 6.7rc4)
+
+# cpe-stable-backport: Backported in 5.4.266
+CVE_CHECK_WHITELIST += "CVE-2023-6606"
+
+# CVE-2023-6610 needs backporting (fixed from 6.7rc7)
+
+# fixed-version: only affects 5.11rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-6622"
+
+# fixed-version: only affects 6.7rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-6679"
+
+# fixed-version: only affects 5.6rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2023-6817"
+
+# cpe-stable-backport: Backported in 5.4.268
+CVE_CHECK_WHITELIST += "CVE-2023-6915"
+
+# cpe-stable-backport: Backported in 5.4.264
+CVE_CHECK_WHITELIST += "CVE-2023-6931"
+
+# cpe-stable-backport: Backported in 5.4.263
+CVE_CHECK_WHITELIST += "CVE-2023-6932"
+
+# CVE-2023-7042 has no known resolution
+
+# cpe-stable-backport: Backported in 5.4.235
+CVE_CHECK_WHITELIST += "CVE-2023-7192"
+
+# fixed-version: only affects 6.5rc6 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-0193"
+
+# CVE-2024-0340 needs backporting (fixed from 6.4rc6)
+
+# fixed-version: only affects 6.2rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-0443"
+
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-0562"
+
+# CVE-2024-0564 has no known resolution
+
+# CVE-2024-0565 needs backporting (fixed from 6.7rc6)
+
+# fixed-version: only affects 6.4rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-0582"
+
+# cpe-stable-backport: Backported in 5.4.263
+CVE_CHECK_WHITELIST += "CVE-2024-0584"
+
+# CVE-2024-0607 needs backporting (fixed from 6.7rc2)
+
+# fixed-version: only affects 5.13rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-0639"
+
+# fixed-version: only affects 5.5rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-0641"
+
+# cpe-stable-backport: Backported in 5.4.267
+CVE_CHECK_WHITELIST += "CVE-2024-0646"
+
+# cpe-stable-backport: Backported in 5.4.243
+CVE_CHECK_WHITELIST += "CVE-2024-0775"
+
+# CVE-2024-0841 has no known resolution
+
+# fixed-version: only affects 5.13rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-1085"
+
+# CVE-2024-1086 needs backporting (fixed from 6.8rc2)
+
+# CVE-2024-1312 needs backporting (fixed from 6.5rc4)
+
+# CVE-2024-21803 has no known resolution
+
+# CVE-2024-22099 has no known resolution
+
+# CVE-2024-22386 has no known resolution
+
+# fixed-version: only affects 5.15rc1 onwards
+CVE_CHECK_WHITELIST += "CVE-2024-22705"
+
+# CVE-2024-23196 has no known resolution
+
+# CVE-2024-23307 has no known resolution
+
+# CVE-2024-23848 has no known resolution
+
+# CVE-2024-23849 needs backporting (fixed from 6.8rc2)
+
+# CVE-2024-23850 has no known resolution
+
+# CVE-2024-23851 has no known resolution
+
+# CVE-2024-24855 has no known resolution
+
+# CVE-2024-24857 has no known resolution
+
+# CVE-2024-24858 has no known resolution
+
+# CVE-2024-24859 has no known resolution
+
+# CVE-2024-24860 has no known resolution
+
+# CVE-2024-24861 has no known resolution
+
+# CVE-2024-24864 has no known resolution
+