| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Review the last of the historical kernel CVEs. Issues which are
specific to other platforms or distributions are ignored in the kernel
recipe itself, whereas general security concerns like "ICMP leaks
information" and "USB has flaws" are ignored with more details in the
extra-exclusions file as before.
(From OE-Core rev: fe1c0b9725f88d15ba48b02b5fef01f2cf2e9d78)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
|
|
|
|
|
|
| |
Do manual review and disposition these CVEs as appropriate.
(From OE-Core rev: a8db0735e228465715cf885d3b889fddfd68efc6)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some of the CVE_STATUS assignments are not specific to the version, so
move them to an unversioned file and include it in the recipes.
For example: some CVEs are disputed, or are specific to other
distributions.
(From OE-Core rev: d8656d9d4dfcaef6b492f5bf4cb003f16d7a3a4b)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|