linux-yocto: update CVE exclusions files

No changes to the data, but the version checks are added. (From OE-Core rev: aac27011172dea37eb3687af57d05c9546b831ae) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@arm.com> 2023-08-25 17:08:30 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-08-30 09:56:13 +0100
commit: 173a772145acfc2749cf9caeda9b66b9d6c5fb11 (patch)
tree: aeb0b6760ca4cb2d5801eaf4e2a1bee3bdd6c2b0
parent: 2b0eac4dd68e1ea203d8aadb541e0821fa7d4208 (diff)
download: poky-173a772145acfc2749cf9caeda9b66b9d6c5fb11.tar.gz
2 files changed, 20 insertions, 2 deletions
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
index 499785f6d2..ce3a534cf3 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,5 +1,14 @@
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-08-21 12:41:13.991251 for version 6.1.43
+# Generated at 2023-08-25 12:42:35.329668 for version 6.1.46"
+python check_kernel_cve_status_version() {
+    this_version = "6.1.46"
+    kernel_version = d.getVar("LINUX_VERSION")
+    if kernel_version != this_version:
+        bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
+}
+do_cve_check[prefuncs] += "check_kernel_cve_status_version"
 CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2"
diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc
index b9210724bf..63f0760b2d 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc
@@ -1,5 +1,14 @@
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2023-08-21 12:41:33.545124 for version 6.4.9
+# Generated at 2023-08-25 12:42:28.369507 for version 6.4.11"
+python check_kernel_cve_status_version() {
+    this_version = "6.4.11"
+    kernel_version = d.getVar("LINUX_VERSION")
+    if kernel_version != this_version:
+        bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
+}
+do_cve_check[prefuncs] += "check_kernel_cve_status_version"
 CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2"
author	Ross Burton <ross.burton@arm.com>	2023-08-25 17:08:30 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-08-30 09:56:13 +0100
commit	173a772145acfc2749cf9caeda9b66b9d6c5fb11 (patch)
tree	aeb0b6760ca4cb2d5801eaf4e2a1bee3bdd6c2b0
parent	2b0eac4dd68e1ea203d8aadb541e0821fa7d4208 (diff)
download	poky-173a772145acfc2749cf9caeda9b66b9d6c5fb11.tar.gz

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc index 499785f6d2..ce3a534cf3 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.1.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.1.inc
@@ -1,5 +1,14 @@
		1
1	# Auto-generated CVE metadata, DO NOT EDIT BY HAND.	2	# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
2	# Generated at 2023-08-21 12:41:13.991251 for version 6.1.43	3	# Generated at 2023-08-25 12:42:35.329668 for version 6.1.46"
		4
		5	python check_kernel_cve_status_version() {
		6	this_version = "6.1.46"
		7	kernel_version = d.getVar("LINUX_VERSION")
		8	if kernel_version != this_version:
		9	bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
		10	}
		11	do_cve_check[prefuncs] += "check_kernel_cve_status_version"
3		12
4	CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2"	13	CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2"
5		14


diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc index b9210724bf..63f0760b2d 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_6.4.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_6.4.inc
@@ -1,5 +1,14 @@
		1
1	# Auto-generated CVE metadata, DO NOT EDIT BY HAND.	2	# Auto-generated CVE metadata, DO NOT EDIT BY HAND.
2	# Generated at 2023-08-21 12:41:33.545124 for version 6.4.9	3	# Generated at 2023-08-25 12:42:28.369507 for version 6.4.11"
		4
		5	python check_kernel_cve_status_version() {
		6	this_version = "6.4.11"
		7	kernel_version = d.getVar("LINUX_VERSION")
		8	if kernel_version != this_version:
		9	bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
		10	}
		11	do_cve_check[prefuncs] += "check_kernel_cve_status_version"
3		12
4	CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2"	13	CVE_STATUS[CVE-2003-1604] = "fixed-version: Fixed after version 2.6.12rc2"
5		14