cve-extra-exclusions: ignore inapplicable linux-yocto CVEs

Multiple CVEs are patched in kernel but appear as active because the NVD database is not up to date. In common file cve-extra-exclusion.inc, CVEs are ignored if and only if all versions of kernel used are patched. In cve-exclusion_6.1.inc, only ignore CVEs that are patched in v6.1, and not patched in v5.15. Recipes of version 6.1 should include this file. Reviewed-by: Yoann Congal <yoann.congal@smile.fr> (From OE-Core rev: 5feb065f1b1aaf218f71cc9d31a9251b139b9442) Signed-off-by: Geoffrey GIRY <geoffrey.giry@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Geoffrey GIRY <geoffrey.giry@smile.fr> 2023-04-05 12:34:54 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-04-05 17:26:11 +0100
commit: b8bfd3b01b660d0536a272fafa0157aac2aaab0b (patch)
tree: 7a4516ff900d89fbb0f6bc974595e0271623f7d4
parent: 0e5bdb623b0f3ca4d71eba56b54915905acbc7d9 (diff)
download: poky-b8bfd3b01b660d0536a272fafa0157aac2aaab0b.tar.gz
5 files changed, 74 insertions, 3 deletions
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index 71e9714c6d..76992c5b46 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -136,6 +136,16 @@ CVE_CHECK_IGNORE += "CVE-2022-1184"
 # Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
 CVE_CHECK_IGNORE += "CVE-2022-1462"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-2196
+# Introduced in version v5.8 5c911beff20aa8639e7a1f28988736c13e03ed54
+# Breaking commit backported in v5.4.47 64b8f33b2e1e687d465b5cb382e7bec495f1e026
+# Patched in kernel since v6.2 2e7eab81425ad6c875f2ed47c0ce01e78afc38a5
+# Backported in version v5.4.233 f93a1a5bdcdd122aae0a3eab7a52c15b71fb725b
+# Backported in version v5.10.170 1b0cafaae8884726c597caded50af185ffc13349
+# Backported in version v5.15.96 6b539a7dbb49250f92515c2ba60aea239efc9e35
+# Backported in version v6.1.14 63fada296062e91ad9f871970d4e7f19e21a6a15
+CVE_CHECK_IGNORE += "CVE-2022-2196"
 # https://nvd.nist.gov/vuln/detail/CVE-2022-2308
 # Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e
 # Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b
@@ -169,6 +179,15 @@ CVE_CHECK_IGNORE += "CVE-2022-2785"
 # Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5
 CVE_CHECK_IGNORE += "CVE-2022-3176"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3424
+# Introduced in version v2.6.33 55484c45dbeca2eec7642932ec3f60f8a2d4bdbf
+# Patched in kernel since v6.2 643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
+# Backported in version v5.4.229 0078dd8758561540ed30b2c5daa1cb647e758977
+# Backported in version v5.10.163 0f67ed565f20ea2fdd98e3b0b0169d9e580bb83c
+# Backported in version v5.15.86 d5c8f9003a289ee2a9b564d109e021fc4d05d106
+# Backported in version v6.1.2 4e947fc71bec7c7da791f8562d5da233b235ba5e
+CVE_CHECK_IGNORE += "CVE-2022-3424"
 # https://nvd.nist.gov/vuln/detail/CVE-2022-3435
 # Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82
 # Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438
@@ -382,10 +401,12 @@ CVE_CHECK_IGNORE += "CVE-2023-0266"
 CVE_CHECK_IGNORE += "CVE-2023-0394"
 # https://nvd.nist.gov/vuln/detail/CVE-2023-0461
-# Introduced in version 4.13 734942cc4ea6478eed125af258da1bdbb4afe578
+# Introduced in version v4.13 734942cc4ea6478eed125af258da1bdbb4afe578
-# Patched in kernel v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c
+# Patched in kernel since v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c
-# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c
+# Backported in version v5.4.229 c6d29a5ffdbc362314853462a0e24e63330a654d
+# Backported in version v5.10.163 f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0
 # Backported in version v5.15.88 dadd0dcaa67d27f550131de95c8e182643d2c9d6
+# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c
 CVE_CHECK_IGNORE += "CVE-2023-0461"
 # https://nvd.nist.gov/vuln/detail/CVE-2023-0386
@@ -421,6 +442,32 @@ CVE_CHECK_IGNORE += "CVE-2023-1077"
 # Backported in version 6.1.12 1d52bbfd469af69fbcae88c67f160ce1b968e7f3
 CVE_CHECK_IGNORE += "CVE-2023-1078"
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1118
+# Introduced in version v2.6.36 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6
+# Patched in kernel since v6.3-rc1 29b0589a865b6f66d141d79b2dd1373e4e50fe17
+# Backported in version v5.4.235 d120334278b370b6a1623a75ebe53b0c76cb247c
+# Backported in version v5.10.173 78da5a378bdacd5bf68c3a6389bdc1dd0c0f5b3c
+# Backported in version v5.15.99 29962c478e8b2e6a6154d8d84b8806dbe36f9c28
+# Backported in version v6.1.16 029c1410e345ce579db5c007276340d072aac54a
+# Backported in version v6.2.3 182ea492aae5b64067277e60a4ea5995c4628555
+CVE_CHECK_IGNORE += "CVE-2023-1118"
+# https://nvd.nist.gov/vuln/detail/CVE-2023-1281
+# Introduced in version v4.14 9b0d4446b56904b59ae3809913b0ac760fa941a6
+# Patched in kernel since v6.2 ee059170b1f7e94e55fa6cadee544e176a6e59c2
+# Backported in version v5.10.169 eb8e9d8572d1d9df17272783ad8a84843ce559d4
+# Backported in version v5.15.95 becf55394f6acb60dd60634a1c797e73c747f9da
+# Backported in version v6.1.13 bd662ba56187b5ef8a62a3511371cd38299a507f
+CVE_CHECK_IGNORE += "CVE-2023-1281"
+# https://nvd.nist.gov/vuln/detail/CVE-2023-28466
+# Introduced in version v4.13 3c4d7559159bfe1e3b94df3a657b2cda3a34e218
+# Patched in kernel since v6.3-rc2 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962
+# Backported in version v5.15.105 0b54d75aa43a1edebc8a3770901f5c3557ee0daa
+# Backported in version v6.1.20 14c17c673e1bba08032d245d5fb025d1cbfee123
+# Backported in version v6.2.7 5231fa057bb0e52095591b303cf95ebd17bc62ce
+CVE_CHECK_IGNORE += "CVE-2023-28466"
 # Wrong CPE in NVD database
 # https://nvd.nist.gov/vuln/detail/CVE-2022-3563
 # https://nvd.nist.gov/vuln/detail/CVE-2022-3637
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
new file mode 100644
index 0000000000..ec7ff9c1a7
--- /dev/null
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -0,0 +1,15 @@
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3523
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 16ce101db85db694a91380aa4c89b25530871d33
+CVE_CHECK_IGNORE += "CVE-2022-3523"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3566
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57
+CVE_CHECK_IGNORE += "CVE-2022-3566"
+# https://nvd.nist.gov/vuln/detail/CVE-2022-3567
+# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
+# Patched in kernel since v6.1 364f997b5cfe1db0d63a390fe7c801fa2b3115f6
+CVE_CHECK_IGNORE += "CVE-2022-3567"
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
index 5f79bc617b..2cf1b048c9 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
@@ -2,6 +2,9 @@ KBRANCH ?= "v6.1/standard/preempt-rt/base"
 require recipes-kernel/linux/linux-yocto.inc
+# CVE exclusions
+include recipes-kernel/linux/cve-exclusion_6.1.inc
 # Skip processing of this recipe if it is not explicitly specified as the
 # PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying
 # to build multiple virtual/kernel providers, e.g. as dependency of
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
index 58357d00c7..ff3bcad5db 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
@@ -5,6 +5,9 @@ KCONFIG_MODE = "--allnoconfig"
 require recipes-kernel/linux/linux-yocto.inc
+# CVE exclusions
+include recipes-kernel/linux/cve-exclusion_6.1.inc
 LINUX_VERSION ?= "6.1.20"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/meta/recipes-kernel/linux/linux-yocto_6.1.bb
index 6f33032c00..033bc10e55 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.1.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.1.bb
@@ -2,6 +2,9 @@ KBRANCH ?= "v6.1/standard/base"
 require recipes-kernel/linux/linux-yocto.inc
+# CVE exclusions
+include recipes-kernel/linux/cve-exclusion_6.1.inc
 # board specific branches
 KBRANCH:qemuarm  ?= "v6.1/standard/arm-versatile-926ejs"
 KBRANCH:qemuarm64 ?= "v6.1/standard/qemuarm64"
author	Geoffrey GIRY <geoffrey.giry@smile.fr>	2023-04-05 12:34:54 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-04-05 17:26:11 +0100
commit	b8bfd3b01b660d0536a272fafa0157aac2aaab0b (patch)
tree	7a4516ff900d89fbb0f6bc974595e0271623f7d4
parent	0e5bdb623b0f3ca4d71eba56b54915905acbc7d9 (diff)
download	poky-b8bfd3b01b660d0536a272fafa0157aac2aaab0b.tar.gz

diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index 71e9714c6d..76992c5b46 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -136,6 +136,16 @@ CVE_CHECK_IGNORE += "CVE-2022-1184"
136	# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29	136	# Backported in version v5.15.58 b2d1e4cd558cffec6bfe318f5d74e6cffc374d29
137	CVE_CHECK_IGNORE += "CVE-2022-1462"	137	CVE_CHECK_IGNORE += "CVE-2022-1462"
138		138
		139	# https://nvd.nist.gov/vuln/detail/CVE-2022-2196
		140	# Introduced in version v5.8 5c911beff20aa8639e7a1f28988736c13e03ed54
		141	# Breaking commit backported in v5.4.47 64b8f33b2e1e687d465b5cb382e7bec495f1e026
		142	# Patched in kernel since v6.2 2e7eab81425ad6c875f2ed47c0ce01e78afc38a5
		143	# Backported in version v5.4.233 f93a1a5bdcdd122aae0a3eab7a52c15b71fb725b
		144	# Backported in version v5.10.170 1b0cafaae8884726c597caded50af185ffc13349
		145	# Backported in version v5.15.96 6b539a7dbb49250f92515c2ba60aea239efc9e35
		146	# Backported in version v6.1.14 63fada296062e91ad9f871970d4e7f19e21a6a15
		147	CVE_CHECK_IGNORE += "CVE-2022-2196"
		148
139	# https://nvd.nist.gov/vuln/detail/CVE-2022-2308	149	# https://nvd.nist.gov/vuln/detail/CVE-2022-2308
140	# Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e	150	# Introduced in version v5.15 c8a6153b6c59d95c0e091f053f6f180952ade91e
141	# Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b	151	# Patched in kernel since v6.0 46f8a29272e51b6df7393d58fc5cb8967397ef2b
@@ -169,6 +179,15 @@ CVE_CHECK_IGNORE += "CVE-2022-2785"
169	# Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5	179	# Backported in version v5.15.65 e9d7ca0c4640cbebe6840ee3bac66a25a9bacaf5
170	CVE_CHECK_IGNORE += "CVE-2022-3176"	180	CVE_CHECK_IGNORE += "CVE-2022-3176"
171		181
		182	# https://nvd.nist.gov/vuln/detail/CVE-2022-3424
		183	# Introduced in version v2.6.33 55484c45dbeca2eec7642932ec3f60f8a2d4bdbf
		184	# Patched in kernel since v6.2 643a16a0eb1d6ac23744bb6e90a00fc21148a9dc
		185	# Backported in version v5.4.229 0078dd8758561540ed30b2c5daa1cb647e758977
		186	# Backported in version v5.10.163 0f67ed565f20ea2fdd98e3b0b0169d9e580bb83c
		187	# Backported in version v5.15.86 d5c8f9003a289ee2a9b564d109e021fc4d05d106
		188	# Backported in version v6.1.2 4e947fc71bec7c7da791f8562d5da233b235ba5e
		189	CVE_CHECK_IGNORE += "CVE-2022-3424"
		190
172	# https://nvd.nist.gov/vuln/detail/CVE-2022-3435	191	# https://nvd.nist.gov/vuln/detail/CVE-2022-3435
173	# Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82	192	# Introduced in version v5.18 6bf92d70e690b7ff12b24f4bfff5e5434d019b82
174	# Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438	193	# Breaking commit backported in v5.4.189 f5064531c23ad646da7be8b938292b00a7e61438
@@ -382,10 +401,12 @@ CVE_CHECK_IGNORE += "CVE-2023-0266"
382	CVE_CHECK_IGNORE += "CVE-2023-0394"	401	CVE_CHECK_IGNORE += "CVE-2023-0394"
383		402
384	# https://nvd.nist.gov/vuln/detail/CVE-2023-0461	403	# https://nvd.nist.gov/vuln/detail/CVE-2023-0461
385	# Introduced in version 4.13 734942cc4ea6478eed125af258da1bdbb4afe578	404	# Introduced in version v4.13 734942cc4ea6478eed125af258da1bdbb4afe578
386	# Patched in kernel v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c	405	# Patched in kernel since v6.2 2c02d41d71f90a5168391b6a5f2954112ba2307c
387	# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c	406	# Backported in version v5.4.229 c6d29a5ffdbc362314853462a0e24e63330a654d
		407	# Backported in version v5.10.163 f8ed0a93b5d576bbaf01639ad816473bdfd1dcb0
388	# Backported in version v5.15.88 dadd0dcaa67d27f550131de95c8e182643d2c9d6	408	# Backported in version v5.15.88 dadd0dcaa67d27f550131de95c8e182643d2c9d6
		409	# Backported in version v6.1.5 7d242f4a0c8319821548c7176c09a6e0e71f223c
389	CVE_CHECK_IGNORE += "CVE-2023-0461"	410	CVE_CHECK_IGNORE += "CVE-2023-0461"
390		411
391	# https://nvd.nist.gov/vuln/detail/CVE-2023-0386	412	# https://nvd.nist.gov/vuln/detail/CVE-2023-0386
@@ -421,6 +442,32 @@ CVE_CHECK_IGNORE += "CVE-2023-1077"
421	# Backported in version 6.1.12 1d52bbfd469af69fbcae88c67f160ce1b968e7f3	442	# Backported in version 6.1.12 1d52bbfd469af69fbcae88c67f160ce1b968e7f3
422	CVE_CHECK_IGNORE += "CVE-2023-1078"	443	CVE_CHECK_IGNORE += "CVE-2023-1078"
423		444
		445	# https://nvd.nist.gov/vuln/detail/CVE-2023-1118
		446	# Introduced in version v2.6.36 9ea53b74df9c4681f5bb2da6b2e10e37d87ea6d6
		447	# Patched in kernel since v6.3-rc1 29b0589a865b6f66d141d79b2dd1373e4e50fe17
		448	# Backported in version v5.4.235 d120334278b370b6a1623a75ebe53b0c76cb247c
		449	# Backported in version v5.10.173 78da5a378bdacd5bf68c3a6389bdc1dd0c0f5b3c
		450	# Backported in version v5.15.99 29962c478e8b2e6a6154d8d84b8806dbe36f9c28
		451	# Backported in version v6.1.16 029c1410e345ce579db5c007276340d072aac54a
		452	# Backported in version v6.2.3 182ea492aae5b64067277e60a4ea5995c4628555
		453	CVE_CHECK_IGNORE += "CVE-2023-1118"
		454
		455	# https://nvd.nist.gov/vuln/detail/CVE-2023-1281
		456	# Introduced in version v4.14 9b0d4446b56904b59ae3809913b0ac760fa941a6
		457	# Patched in kernel since v6.2 ee059170b1f7e94e55fa6cadee544e176a6e59c2
		458	# Backported in version v5.10.169 eb8e9d8572d1d9df17272783ad8a84843ce559d4
		459	# Backported in version v5.15.95 becf55394f6acb60dd60634a1c797e73c747f9da
		460	# Backported in version v6.1.13 bd662ba56187b5ef8a62a3511371cd38299a507f
		461	CVE_CHECK_IGNORE += "CVE-2023-1281"
		462
		463	# https://nvd.nist.gov/vuln/detail/CVE-2023-28466
		464	# Introduced in version v4.13 3c4d7559159bfe1e3b94df3a657b2cda3a34e218
		465	# Patched in kernel since v6.3-rc2 49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962
		466	# Backported in version v5.15.105 0b54d75aa43a1edebc8a3770901f5c3557ee0daa
		467	# Backported in version v6.1.20 14c17c673e1bba08032d245d5fb025d1cbfee123
		468	# Backported in version v6.2.7 5231fa057bb0e52095591b303cf95ebd17bc62ce
		469	CVE_CHECK_IGNORE += "CVE-2023-28466"
		470
424	# Wrong CPE in NVD database	471	# Wrong CPE in NVD database
425	# https://nvd.nist.gov/vuln/detail/CVE-2022-3563	472	# https://nvd.nist.gov/vuln/detail/CVE-2022-3563
426	# https://nvd.nist.gov/vuln/detail/CVE-2022-3637	473	# https://nvd.nist.gov/vuln/detail/CVE-2022-3637


diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc new file mode 100644 index 0000000000..ec7ff9c1a7 --- /dev/null +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -0,0 +1,15 @@
		1	# https://nvd.nist.gov/vuln/detail/CVE-2022-3523
		2	# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
		3	# Patched in kernel since v6.1 16ce101db85db694a91380aa4c89b25530871d33
		4	CVE_CHECK_IGNORE += "CVE-2022-3523"
		5
		6	# https://nvd.nist.gov/vuln/detail/CVE-2022-3566
		7	# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
		8	# Patched in kernel since v6.1 f49cd2f4d6170d27a2c61f1fecb03d8a70c91f57
		9	CVE_CHECK_IGNORE += "CVE-2022-3566"
		10
		11	# https://nvd.nist.gov/vuln/detail/CVE-2022-3567
		12	# Introduced in version v2.6.12 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
		13	# Patched in kernel since v6.1 364f997b5cfe1db0d63a390fe7c801fa2b3115f6
		14	CVE_CHECK_IGNORE += "CVE-2022-3567"
		15


diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb index 5f79bc617b..2cf1b048c9 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb
@@ -2,6 +2,9 @@ KBRANCH ?= "v6.1/standard/preempt-rt/base"
2		2
3	require recipes-kernel/linux/linux-yocto.inc	3	require recipes-kernel/linux/linux-yocto.inc
4		4
		5	# CVE exclusions
		6	include recipes-kernel/linux/cve-exclusion_6.1.inc
		7
5	# Skip processing of this recipe if it is not explicitly specified as the	8	# Skip processing of this recipe if it is not explicitly specified as the
6	# PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying	9	# PREFERRED_PROVIDER for virtual/kernel. This avoids errors when trying
7	# to build multiple virtual/kernel providers, e.g. as dependency of	10	# to build multiple virtual/kernel providers, e.g. as dependency of


diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb index 58357d00c7..ff3bcad5db 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb
@@ -5,6 +5,9 @@ KCONFIG_MODE = "--allnoconfig"
5		5
6	require recipes-kernel/linux/linux-yocto.inc	6	require recipes-kernel/linux/linux-yocto.inc
7		7
		8	# CVE exclusions
		9	include recipes-kernel/linux/cve-exclusion_6.1.inc
		10
8	LINUX_VERSION ?= "6.1.20"	11	LINUX_VERSION ?= "6.1.20"
9	LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"	12	LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
10		13


diff --git a/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/meta/recipes-kernel/linux/linux-yocto_6.1.bb index 6f33032c00..033bc10e55 100644 --- a/meta/recipes-kernel/linux/linux-yocto_6.1.bb +++ b/meta/recipes-kernel/linux/linux-yocto_6.1.bb
@@ -2,6 +2,9 @@ KBRANCH ?= "v6.1/standard/base"
2		2
3	require recipes-kernel/linux/linux-yocto.inc	3	require recipes-kernel/linux/linux-yocto.inc
4		4
		5	# CVE exclusions
		6	include recipes-kernel/linux/cve-exclusion_6.1.inc
		7
5	# board specific branches	8	# board specific branches
6	KBRANCH:qemuarm ?= "v6.1/standard/arm-versatile-926ejs"	9	KBRANCH:qemuarm ?= "v6.1/standard/arm-versatile-926ejs"
7	KBRANCH:qemuarm64 ?= "v6.1/standard/qemuarm64"	10	KBRANCH:qemuarm64 ?= "v6.1/standard/qemuarm64"