summaryrefslogtreecommitdiffstats
path: root/meta/recipes-bsp/grub
Commit message (Collapse)AuthorAgeFilesLines
* grub: patch CVE-2025-0678 and CVE-2025-1125Peter Marko2025-03-152-0/+88
| | | | | | | | | Cherry-pick patch mentioning these CVEs. (From OE-Core rev: d0283e421e41b6775f40a51de6018c2c5cfda61f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2025-0677, CVE-2025-0684, CVE-2025-0685, CVE-2025-0686 and ↵Peter Marko2025-03-152-0/+378
| | | | | | | | | | | CVE-2025-0689 Cherry-pick patch mentioning these CVEs. (From OE-Core rev: 0a2cb15d6953a809135bea69609673d068f46df1) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45778 and CVE-2024-45779Peter Marko2025-03-152-0/+56
| | | | | | | | | Cherry-pick patch mentioning these CVEs. (From OE-Core rev: 9ecee5f950f249d982b307bbdbe0e13e55f27b24) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2025-1118Peter Marko2025-03-152-0/+38
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: def610a1298ad7b8c98185a2b4c46f2c7173a950) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2025-0690Peter Marko2025-03-152-0/+74
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: ab56d0eb79b40f5e60af20dadcda1b0239fe020e) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45777Peter Marko2025-03-152-0/+58
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: bfebaeb1705d072eb6b42a6dfe9bff4829a49a33) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45776Peter Marko2025-03-152-0/+40
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: ba19a6126d315c964214e7ca89895ea1ba8b4a15) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2025-0622Peter Marko2025-03-154-0/+117
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: aeefadfda0e98d0b3369c4abc98485774e1fe562) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45775Peter Marko2025-03-152-0/+39
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: 0ae686de6aefb10d961cd8965dba8a02d1c977c6) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45774Peter Marko2025-03-152-0/+38
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: e956e7437aa95e006547c3a92271b64c25252a50) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2025-0624Peter Marko2025-03-152-0/+85
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: 29778ceddd775c47d722ecf1cc587c6526202d0b) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45783Peter Marko2025-03-152-0/+40
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: 7c18697372444ef9e4df03b7c9de7b8da7f4f600) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45780Peter Marko2025-03-152-0/+94
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: 3c33dbc32859ce45743c507120317a562b1a897d) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: patch CVE-2024-45782 and CVE-2024-56737Peter Marko2025-03-152-0/+37
| | | | | | | | | Cherry-pick patch mentioning these CVEs. (From OE-Core rev: 3b497db0bff69c8e7a4f5466b155d1c84051cc59) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grup: patch CVE-2024-45781Peter Marko2025-03-152-0/+36
| | | | | | | | | Cherry-pick patch mentioning this CVE. (From OE-Core rev: ef41ef5730d08371d1eb03f94fa9357edf26889f) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: backport strlcpy functionPeter Marko2025-03-152-0/+69
| | | | | | | | | It is used to fix multiple CVEs. (From OE-Core rev: 48cf877397b82449f171190a33a8e723512b8227) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub: drop obsolete CVE statusesPeter Marko2025-03-151-3/+0
| | | | | | | | | | CVE-2021-46705 was needed only with 2.06 CVE-2023-4692 and CVE-2023-4693 were fixed in NVD DB meanwhile (From OE-Core rev: 7d35eefd2290bad78199354157e5d275ceda0ce2) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* grub,grub-efi: Remove -mfpmath=sse on x86Khem Raj2024-06-101-0/+4
| | | | | | | | | | | | | | | | | This option fails with clang compiler when testing for soft-float because OE enforces this option via CCARGS however, gtub's makefile/configure does disable all sse options when checking for soft-float support, but it can not disable -mfpmath=sse as its inserted by OE, therefore remove it in recipe Fixes build errors seen with clang/musl like on x86 error: the 'sse' unit is not supported with this instruction set (From OE-Core rev: ad76da4ff6d7110747b620621ae3728de9905465) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: remove unneeded ↵Alexander Kanavin2024-05-282-45/+0
| | | | | | | | | | | | 0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch Verified on qemux86 and qemux86-64 with grub and grub-efi. (From OE-Core rev: d06ee594e1bbe15b3a45c9efaaddb1e869a69cb3) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: mark grub-module-explicitly-keeps-symbole-.module_license.patch as a ↵Alexander Kanavin2024-05-281-1/+1
| | | | | | | | | | workaround (From OE-Core rev: 6307adb5b0644845f4062c21ac5717eb62a61dd3) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Switch away from S = WORKDIRRichard Purdie2024-05-211-1/+2
| | | | | | | | | | | | | Where recipes use S = ${WORKDIR}, change them to set UNPACKDIR to a subdir of WORKDIR and make S point at this instead. I've chosen not to force S into any standard UNPACKDIR we may pick in future just so the S = UNPACKDIR case is clearly visible by the directory naming under WORKDIR as that should aid usability. (From OE-Core rev: d9328e3b0b062f0621de3d114584b44f384a1c02) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Start WORKDIR -> UNPACKDIR transitionRichard Purdie2024-05-211-1/+1
| | | | | | | | | Replace references of WORKDIR with UNPACKDIR where it makes sense to do so in preparation for changing the default value of UNPACKDIR. (From OE-Core rev: 1f18b9a512800860d5153d89eb82b56388efad6f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Update CVE_STATUS for incorrect cpesSimone Weiß2024-02-241-0/+2
| | | | | | | | | | Set CVE_STATUS as none of the issues apply against the versions used in the recipes. (From OE-Core rev: cea8c8bf73e84133f566d1c2ca0637494f2d7afe) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: ignore CVE-2024-1048, Redhat only issueSimone Weiß2024-02-181-0/+1
| | | | | | | | | | Redhat/Fedora specific as it affects the grub2-set-bootflag extension added by Redhat to grub. (From OE-Core rev: 40cd768368167f81de5bb55e9ff0584035f4c1b4) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: ignore CVE-2023-4001, this is Red Hat-specificRoss Burton2024-02-021-0/+1
| | | | | | | | (From OE-Core rev: f99b25355133fe8f65a55737270e67ea10b79d52) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: upgrade 2.06 -> 2.12Anuj Mittal2024-01-2434-2956/+28
| | | | | | | | | | | | | | Drop patches that have been upstreamed. Refresh others. This version dropped extra_deps.lst from the tarball [1] and that leads to build failures. Restore it in do_configure for now. [1] https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b835601c7639ed1890f2d3db91900a8506011a8e (From OE-Core rev: 7c8e1e48075f7f54aec9d295605c982f440be5d5) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: fs/fat: Don't error when mtime is 0Ming Liu2024-01-032-0/+71
| | | | | | | | | | | A issue was found when I run "runqemu genericx86-64 ovmf", grub failed to boot, it's a known issue has been fixed in grub upstream, backport the fix. (From OE-Core rev: 51eab4bb0cae46c9c32d28986eb97badf47594b7) Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Fix for CVE-2023-4692 and CVE-2023-4693Xiangyu Chen2023-11-103-0/+163
| | | | | | | | | | | | | | | | | | | | | | | | | | | CVE: CVE-2023-4692 Crafted file system images can cause heap-based buffer overflow and may allow arbitrary code execution and secure boot bypass. Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea] CVE: CVE-2023-4693 There an out-of-bounds read at fs/ntfs.c, a physically present attacker may leverage that by presenting a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack may allow sensitive data cached in memory or EFI variables values to be leaked presenting a high Confidentiality risk. Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94] (From OE-Core rev: a8bc6f041599ce8da275c163c87f155a2f09369c) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve_check: convert CVE_CHECK_IGNORE to CVE_STATUSAndrej Valek2023-07-211-4/+2
| | | | | | | | | | | | | - Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version (From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Reviewed-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: submit determinism.patch upstreamAlexander Kanavin2023-06-151-1/+1
| | | | | | | (From OE-Core rev: 61947762e410c685f667e0af6440fb8a33cd6777) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: support metadata_csum_seed featureKai Kang2023-03-072-0/+67
| | | | | | | | | | | | It enable the metadata_csum_seed feature by default in e2fsprogs 1.47.0 and causes grub doesn't work. Backport patch to make grub support this feature. (From OE-Core rev: ae3b4588d69e534ac8aff136ed44f3975f5a2d4f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Handle R_RISCV_CALL_PLT relocKhem Raj2023-02-242-0/+49
| | | | | | | | | These are new in binutils 2.40+ (From OE-Core rev: f2883fb1d7302087479940b422ba836d2fe35fc4) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775Xiangyu Chen2022-12-264-0/+298
| | | | | | | | | | | | | | | | | | | Backport patch from upstream to solve CVE-2022-2601 CVE-2022-3775 dependency: font: Fix size overflow in grub_font_get_glyph_internal() (https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c76ec09ae08155df27cd237eaea150b4f02f532) Backport patch from upstream to fix following CVEs: CVE-2022-2601: font: Fix several integer overflows in grub_font_construct_glyph() (https://git.savannah.gnu.org/cgit/grub.git/commit/?id=768e1ef2fc159f6e14e7246e4be09363708ac39e) CVE-2022-3775: font: Fix an integer underflow in blit_comb() (https://git.savannah.gnu.org/cgit/grub.git/commit/?id=992c06191babc1e109caf40d6a07ec6fdef427af) (From OE-Core rev: fa5a42150098be892246146456faed778e28ef94) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Liwei Song <liwei.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: backport patches to fix CVE-2022-28736Xiangyu Chen2022-12-084-0/+386
| | | | | | | | (From OE-Core rev: 278e1a0f679be813553b014544314041502a586a) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: disable build on armv7ve/a with hardfpMingli Yu2022-10-261-2/+2
| | | | | | | | | | | | | | | | | | | | The commit(75dbdea940 grub: Allow build on armv7ve/a with softfp) enable build on armv7ve/a with softfp, but it acutally enable build on armv7ve/a with hardfp altogether and result in below build failure: | checking for compile options to get strict alignment... -mno-unaligned-access | checking if compiler generates unaligned accesses... no | checking if C symbols get an underscore after compilation... no | checking whether target compiler is working... no | configure: error: cannot compile for the target So update the check to disable build on armv7ve/a with hardfp. (From OE-Core rev: f67b2880fc2cfb21f51216c63b5f24d0524b4278) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Allow build on armv7ve/a with softfpAndrei Gherzan2022-09-211-3/+7
| | | | | | | | | | | | | | | | | | | | Grub tries to force the compilation in softfp mode for some known target CPU. That is because it doesn't use floats or doubles and there are known limitations of using a configuration with hardfp. There are though target CPUs that grub won't know how to configure failing with something similar to: | checking for options to get soft-float... no | configure: error: could not force soft-float This change relaxes a bit the COMPATIBLE_HOST restriction to only apply for hardfp configuration even for arm7ve/a. (From OE-Core rev: 75dbdea94057b6977a20fb738c00c226ca694243) Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Apply backports to fix build with clang on x86Khem Raj2022-09-203-0/+109
| | | | | | | (From OE-Core rev: 2213b6ce1ec944228d7bb3c95f2e02ac0995b5be) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: fix several CVEsYongxin Liu2022-08-2111-0/+1621
| | | | | | | | | | | | | | | | | | | | Backport CVE patches from upstream to fix: CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 Backport the following 5 patches to make CVE patches be applied smoothly. video-Remove-trailing-whitespaces.patch video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch (From OE-Core rev: db43401a3a4c201f02f4128fa4bac8ce993bfec0) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: ignore CVE-2021-46705Ross Burton2022-03-291-0/+2
| | | | | | | | | | This is specific to SUSE Linux. (From OE-Core rev: 594baef3b08d40fbbf1899f4cadeb9931c035c1a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub-efi: Add option to include all available modulesDiego Sueiro2022-03-121-2/+13
| | | | | | | | | | | | | Include all available modules If 'all' is present in GRUB_BUILDIN variable. To achieve this we need to search for all .mod files in ${B}/grub-core/ and pass them to grub-mkimage command. Also, add the verbose option to grub-mkimage. (From OE-Core rev: ed1bf9aa0af8c12905cf8332bbbb212ab158fe3c) Signed-off-by: Diego Sueiro <diego.sueiro@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/scripts: Automated conversion of OE renamed variablesRichard Purdie2022-02-211-1/+1
| | | | | | (From OE-Core rev: aa52af4518604b5bf13f3c5e885113bf868d6c81) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Fix build with bintutils 2.38 on riscvKhem Raj2022-02-202-0/+48
| | | | | | | (From OE-Core rev: d42596457628f41baa5729545e2932c6692f73ee) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX ↵Richard Purdie2022-02-201-1/+1
| | | | | | | | | | | | | license identifiers An automated conversion using scripts/contrib/convert-spdx-licenses.py to convert to use the standard SPDX license identifiers. Two recipes in meta-selftest were not converted as they're that way specifically for testing. A change in linux-firmware was also skipped and may need a more manual tweak. (From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub-efi: Add xen_boot support when 'xen' is in DISTRO_FEATURES for aarch64Kamil Dziezyk2022-01-141-0/+3
| | | | | | | | | 'xen-boot' module is available only for aarch64. (From OE-Core rev: bfabc6d4f8742cc1fdeb49c180b0f78faf5739a2) Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: fix CVE-2021-3981Yongxin Liu2022-01-042-0/+50
| | | | | | | (From OE-Core rev: bb554d14142f93c39fd1516a31757006531c348f) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: stop using "virtual/" in RPROVIDES and RDEPENDSMichael Opdenacker2021-09-012-2/+2
| | | | | | | | | | | | | | | | | Fixes [YOCTO #14538] Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS. That's confusing because "virtual/" has no special meaning in RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS). Instead, using "virtual-" instead of "virtual/" as already done in the glibc recipe. (From OE-Core rev: 93ac180d8c389f16964bce8bd5538d9389e970e6) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Convert to new override syntaxRichard Purdie2021-08-024-28/+28
| | | | | | | | | | | | This is the result of automated script conversion: scripts/contrib/convert-overrides.py <oe-core directory> converting the metadata to use ":" as the override character instead of "_". (From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: upgrade 2.04+2.06~rc1 -> 2.06Alexander Kanavin2021-06-173-17/+4
| | | | | | | (From OE-Core rev: 0f528608eb48809955b2610ecc4bd689f1cf8899) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub: Exclude CVE-2019-14865 from cve-checkRichard Purdie2021-05-211-0/+3
| | | | | | | | The CVE only applies to RHEL. (From OE-Core rev: 8cfc3ebe50facb7e34e778f3e264b26cfae20a04) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: Add CVE whitelist entries for issues fixed in 2.06Richard Purdie2021-05-111-0/+7
| | | | | | | | | | | | We're using a pre-release version of 2.06 so these issues are fixed but continue to show up in the checks since it is pre-2.06 and the CPE entries are "before but excluding 2.06". Adding these will clean up CVE reports until the 2.06 release comes out. (From OE-Core rev: 2467ab1554bee3a431636046735e8e369e865bc6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-22 04:55:50 +0000