From b94e596464be4eeb245f81b2357e418affc37f19 Mon Sep 17 00:00:00 2001 From: Valek Andrej Date: Thu, 1 Feb 2024 14:24:01 -0800 Subject: glibc: Refresh CVE status w.r.t 2.39 release - drop irrelevant CVEs for 2.39 release (From OE-Core rev: bea91fb120fef012c1501d470f85ee60a672d1e3) Signed-off-by: Valek Andrej Signed-off-by: Khem Raj Signed-off-by: Richard Purdie --- meta/recipes-core/glibc/glibc-version.inc | 5 ----- meta/recipes-core/glibc/glibc_2.39.bb | 2 -- 2 files changed, 7 deletions(-) (limited to 'meta/recipes-core/glibc') diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 848648b599..a35c7b28a7 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -7,9 +7,4 @@ GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+(\.(?!90)\d+)*)" -CVE_STATUS[CVE-2023-4527] = "fixed-version: Fixed in stable branch updates" CVE_STATUS[CVE-2023-4911] = "fixed-version: Fixed in stable branch updates" -CVE_STATUS[CVE-2023-4806] = "fixed-version: Fixed in stable branch updates" -CVE_STATUS[CVE-2023-5156] = "fixed-version: Fixed in stable branch updates" -CVE_STATUS[CVE-2023-4527] = "fixed-version: Fixed in stable branch updates" -CVE_STATUS[CVE-2023-0687] = "fixed-version: Fixed in stable branch updates" diff --git a/meta/recipes-core/glibc/glibc_2.39.bb b/meta/recipes-core/glibc/glibc_2.39.bb index 0273be713f..577ff1ad2c 100644 --- a/meta/recipes-core/glibc/glibc_2.39.bb +++ b/meta/recipes-core/glibc/glibc_2.39.bb @@ -16,8 +16,6 @@ CVE_STATUS[CVE-2019-1010025] = "disputed: \ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, may allow \ easier access for another. 'ASLR bypass itself is not a vulnerability.'" -CVE_STATUS[CVE-2023-25139] = "cpe-stable-backport: This is integrated into the 2.37 branch as of 07b9521fc6" - DEPENDS += "gperf-native bison-native" NATIVESDKFIXES ?= "" -- cgit v1.2.3-54-g00ecf