diff mbox series

[kirkstone,1/9] Revert "linux-yocto/5.15: update CVE exclusions"

Message ID 666f712018e486913ad469eb96cef6a9596c4830.1709853987.git.steve@sakoman.com
State Rejected
Delegated to: Steve Sakoman
Headers show
Series [kirkstone,1/9] Revert "linux-yocto/5.15: update CVE exclusions" | expand

Commit Message

Steve Sakoman March 7, 2024, 11:37 p.m. UTC 
This series is causing issues with adding and resizing partitions.

This reverts commit b71eeab71911ab49a8e8b8d78560fdbd66f883e7.
---
 .../linux/cve-exclusion_5.15.inc              | 91 ++-----------------
 1 file changed, 6 insertions(+), 85 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
index d33f2b3c7f..0d54b414d9 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_5.15.inc
@@ -1,9 +1,9 @@ 
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2024-02-06 21:02:11.546853 for version 5.15.148
+# Generated at 2024-01-18 18:47:24.084935 for version 5.15.147
 
 python check_kernel_cve_status_version() {
-    this_version = "5.15.148"
+    this_version = "5.15.147"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -5299,12 +5299,6 @@  CVE_CHECK_IGNORE += "CVE-2021-3348"
 # fixed-version: Fixed after version 5.13rc7
 CVE_CHECK_IGNORE += "CVE-2021-33624"
 
-# fixed-version: Fixed after version 5.4rc1
-CVE_CHECK_IGNORE += "CVE-2021-33630"
-
-# cpe-stable-backport: Backported in 5.15.87
-CVE_CHECK_IGNORE += "CVE-2021-33631"
-
 # cpe-stable-backport: Backported in 5.15.54
 CVE_CHECK_IGNORE += "CVE-2021-33655"
 
@@ -6401,8 +6395,7 @@  CVE_CHECK_IGNORE += "CVE-2022-3635"
 # fixed-version: only affects 5.19 onwards
 CVE_CHECK_IGNORE += "CVE-2022-3640"
 
-# cpe-stable-backport: Backported in 5.15.129
-CVE_CHECK_IGNORE += "CVE-2022-36402"
+# CVE-2022-36402 has no known resolution
 
 # CVE-2022-3642 has no known resolution
 
@@ -7375,15 +7368,9 @@  CVE_CHECK_IGNORE += "CVE-2023-4611"
 # cpe-stable-backport: Backported in 5.15.132
 CVE_CHECK_IGNORE += "CVE-2023-4623"
 
-# cpe-stable-backport: Backported in 5.15.137
-CVE_CHECK_IGNORE += "CVE-2023-46343"
-
 # cpe-stable-backport: Backported in 5.15.137
 CVE_CHECK_IGNORE += "CVE-2023-46813"
 
-# cpe-stable-backport: Backported in 5.15.148
-CVE_CHECK_IGNORE += "CVE-2023-46838"
-
 # cpe-stable-backport: Backported in 5.15.140
 CVE_CHECK_IGNORE += "CVE-2023-46862"
 
@@ -7398,17 +7385,11 @@  CVE_CHECK_IGNORE += "CVE-2023-4881"
 # cpe-stable-backport: Backported in 5.15.132
 CVE_CHECK_IGNORE += "CVE-2023-4921"
 
-# CVE-2023-50431 needs backporting (fixed from 6.8rc1)
+# CVE-2023-50431 has no known resolution
 
 # fixed-version: only affects 6.0rc1 onwards
 CVE_CHECK_IGNORE += "CVE-2023-5090"
 
-# cpe-stable-backport: Backported in 5.15.128
-CVE_CHECK_IGNORE += "CVE-2023-51042"
-
-# cpe-stable-backport: Backported in 5.15.121
-CVE_CHECK_IGNORE += "CVE-2023-51043"
-
 # cpe-stable-backport: Backported in 5.15.135
 CVE_CHECK_IGNORE += "CVE-2023-5158"
 
@@ -7430,9 +7411,6 @@  CVE_CHECK_IGNORE += "CVE-2023-51782"
 # cpe-stable-backport: Backported in 5.15.134
 CVE_CHECK_IGNORE += "CVE-2023-5197"
 
-# cpe-stable-backport: Backported in 5.15.147
-CVE_CHECK_IGNORE += "CVE-2023-52340"
-
 # fixed-version: only affects 6.1rc1 onwards
 CVE_CHECK_IGNORE += "CVE-2023-5345"
 
@@ -7447,8 +7425,7 @@  CVE_CHECK_IGNORE += "CVE-2023-5972"
 
 # CVE-2023-6039 needs backporting (fixed from 6.5rc5)
 
-# cpe-stable-backport: Backported in 5.15.147
-CVE_CHECK_IGNORE += "CVE-2023-6040"
+# CVE-2023-6040 needs backporting (fixed from 5.18rc1)
 
 # fixed-version: only affects 6.6rc3 onwards
 CVE_CHECK_IGNORE += "CVE-2023-6111"
@@ -7459,9 +7436,6 @@  CVE_CHECK_IGNORE += "CVE-2023-6121"
 # cpe-stable-backport: Backported in 5.15.132
 CVE_CHECK_IGNORE += "CVE-2023-6176"
 
-# fixed-version: only affects 6.6rc1 onwards
-CVE_CHECK_IGNORE += "CVE-2023-6200"
-
 # CVE-2023-6238 has no known resolution
 
 # CVE-2023-6270 has no known resolution
@@ -7494,9 +7468,6 @@  CVE_CHECK_IGNORE += "CVE-2023-6679"
 # cpe-stable-backport: Backported in 5.15.143
 CVE_CHECK_IGNORE += "CVE-2023-6817"
 
-# cpe-stable-backport: Backported in 5.15.148
-CVE_CHECK_IGNORE += "CVE-2023-6915"
-
 # cpe-stable-backport: Backported in 5.15.143
 CVE_CHECK_IGNORE += "CVE-2023-6931"
 
@@ -7516,55 +7487,5 @@  CVE_CHECK_IGNORE += "CVE-2024-0193"
 # fixed-version: only affects 6.2rc1 onwards
 CVE_CHECK_IGNORE += "CVE-2024-0443"
 
-# cpe-stable-backport: Backported in 5.15.64
-CVE_CHECK_IGNORE += "CVE-2024-0562"
-
-# CVE-2024-0564 has no known resolution
-
-# CVE-2024-0565 needs backporting (fixed from 6.7rc6)
-
-# fixed-version: only affects 6.4rc1 onwards
-CVE_CHECK_IGNORE += "CVE-2024-0582"
-
-# cpe-stable-backport: Backported in 5.15.142
-CVE_CHECK_IGNORE += "CVE-2024-0584"
-
-# cpe-stable-backport: Backported in 5.15.140
-CVE_CHECK_IGNORE += "CVE-2024-0607"
-
-# cpe-stable-backport: Backported in 5.15.121
-CVE_CHECK_IGNORE += "CVE-2024-0639"
-
-# cpe-stable-backport: Backported in 5.15.135
-CVE_CHECK_IGNORE += "CVE-2024-0641"
-
-# cpe-stable-backport: Backported in 5.15.147
-CVE_CHECK_IGNORE += "CVE-2024-0646"
-
-# cpe-stable-backport: Backported in 5.15.112
-CVE_CHECK_IGNORE += "CVE-2024-0775"
-
-# CVE-2024-0841 has no known resolution
-
-# cpe-stable-backport: Backported in 5.15.148
-CVE_CHECK_IGNORE += "CVE-2024-1085"
-
-# CVE-2024-1086 needs backporting (fixed from 6.8rc2)
-
-# CVE-2024-21803 has no known resolution
-
-# CVE-2024-22099 has no known resolution
-
-# cpe-stable-backport: Backported in 5.15.146
-CVE_CHECK_IGNORE += "CVE-2024-22705"
-
-# CVE-2024-23307 has no known resolution
-
-# CVE-2024-23848 has no known resolution
-
-# CVE-2024-23849 has no known resolution
-
-# CVE-2024-23850 has no known resolution
-
-# CVE-2024-23851 has no known resolution
+# Skipping dd=CVE-2023-1476, no affected_versions