mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-06-01 00:59:48 +00:00

Commit Graph

Author	SHA1	Message	Date
Ross Burton	d2b17a0db7	cve-exclusion: review the last of the historical kernel CVEs Review the last of the historical kernel CVEs. Issues which are specific to other platforms or distributions are ignored in the kernel recipe itself, whereas general security concerns like "ICMP leaks information" and "USB has flaws" are ignored with more details in the extra-exclusions file as before. (From OE-Core rev: fe1c0b9725f88d15ba48b02b5fef01f2cf2e9d78) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2023-09-07 14:42:37 +01:00
Ross Burton	0dd973297d	linux: review some historic CVE_STATUS Do manual review and disposition these CVEs as appropriate. (From OE-Core rev: a8db0735e228465715cf885d3b889fddfd68efc6) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2023-09-06 17:52:45 +01:00
Ross Burton	b0152a3464	linux-yocto: extract generic kernel CVE_STATUS Some of the CVE_STATUS assignments are not specific to the version, so move them to an unversioned file and include it in the recipes. For example: some CVEs are disputed, or are specific to other distributions. (From OE-Core rev: d8656d9d4dfcaef6b492f5bf4cb003f16d7a3a4b) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2023-08-09 21:48:11 +01:00

Author

SHA1

Message

Date

Ross Burton

d2b17a0db7

cve-exclusion: review the last of the historical kernel CVEs

Review the last of the historical kernel CVEs.  Issues which are
specific to other platforms or distributions are ignored in the kernel
recipe itself, whereas general security concerns like "ICMP leaks
information" and "USB has flaws" are ignored with more details in the
extra-exclusions file as before.

(From OE-Core rev: fe1c0b9725f88d15ba48b02b5fef01f2cf2e9d78)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2023-09-07 14:42:37 +01:00

Ross Burton

0dd973297d

linux: review some historic CVE_STATUS

Do manual review and disposition these CVEs as appropriate.

(From OE-Core rev: a8db0735e228465715cf885d3b889fddfd68efc6)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2023-09-06 17:52:45 +01:00

Ross Burton

b0152a3464

linux-yocto: extract generic kernel CVE_STATUS

Some of the CVE_STATUS assignments are not specific to the version, so
move them to an unversioned file and include it in the recipes.

For example: some CVEs are disputed, or are specific to other
distributions.

(From OE-Core rev: d8656d9d4dfcaef6b492f5bf4cb003f16d7a3a4b)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2023-08-09 21:48:11 +01:00

3 Commits