[meta][PATCH 02/10] linux-yocto/6.18: update CVE exclusions (6.18.9)

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

From: bruce.ashfield@gmail.com
To: richard.purdie@linuxfoundation.org
Cc: openembedded-core@lists.openembedded.org
Subject: [meta][PATCH 02/10] linux-yocto/6.18: update CVE exclusions (6.18.9)
Date: Sun,  1 Mar 2026 23:55:28 -0500	[thread overview]
Message-ID: <20260302045537.2153587-3-bruce.ashfield@gmail.com> (raw)
In-Reply-To: <20260302045537.2153587-1-bruce.ashfield@gmail.com>

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_action@example.com
        Subject: 4 changes (4 new | 0 updated): - 4 new CVEs: CVE-2026-25931, CVE-2026-25934, CVE-2026-25938, CVE-2026-25939 - 0 updated CVEs:
        Date: Mon, 9 Feb 2026 22:23:00 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 .../linux/cve-exclusion_6.18.inc               | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
index 383f35291e..0de60d7d94 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2026-02-05 00:48:36.677660+00:00 for kernel version 6.18.8
-# From linux_kernel_cves 2026-02-05_baseline
+# Generated at 2026-02-09 22:31:26.580286+00:00 for kernel version 6.18.9
+# From linux_kernel_cves cve_2026-02-09_2200Z
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.18.8"
+    this_version = "6.18.9"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version))
@@ -20156,7 +20156,7 @@ CVE_STATUS[CVE-2025-71072] = "cpe-stable-backport: Backported in 6.18.3"
 
 CVE_STATUS[CVE-2025-71073] = "cpe-stable-backport: Backported in 6.18.3"
 
-# CVE-2025-71074 needs backporting (fixed from 6.19rc1)
+# CVE-2025-71074 needs backporting (fixed from 6.19)
 
 CVE_STATUS[CVE-2025-71075] = "cpe-stable-backport: Backported in 6.18.3"
 
@@ -20300,7 +20300,7 @@ CVE_STATUS[CVE-2025-71144] = "cpe-stable-backport: Backported in 6.18.5"
 
 # CVE-2025-71145 has no known resolution
 
-CVE_STATUS[CVE-2025-71146] = "cpe-stable-backport: Backported in 6.18.3"
+CVE_STATUS[CVE-2025-71146] = "fixed-version: Fixed from version 6.18.3"
 
 CVE_STATUS[CVE-2025-71147] = "cpe-stable-backport: Backported in 6.18.3"
 
@@ -20390,7 +20390,7 @@ CVE_STATUS[CVE-2026-22981] = "cpe-stable-backport: Backported in 6.18.6"
 
 CVE_STATUS[CVE-2026-22982] = "cpe-stable-backport: Backported in 6.18.6"
 
-CVE_STATUS[CVE-2026-22983] = "cpe-stable-backport: Backported in 6.18.6"
+CVE_STATUS[CVE-2026-22983] = "fixed-version: Fixed from version 6.18.6"
 
 CVE_STATUS[CVE-2026-22984] = "cpe-stable-backport: Backported in 6.18.6"
 
@@ -20400,7 +20400,7 @@ CVE_STATUS[CVE-2026-22986] = "cpe-stable-backport: Backported in 6.18.6"
 
 CVE_STATUS[CVE-2026-22987] = "cpe-stable-backport: Backported in 6.18.6"
 
-CVE_STATUS[CVE-2026-22988] = "cpe-stable-backport: Backported in 6.18.6"
+CVE_STATUS[CVE-2026-22988] = "fixed-version: Fixed from version 6.18.6"
 
 CVE_STATUS[CVE-2026-22989] = "cpe-stable-backport: Backported in 6.18.6"
 
@@ -20414,7 +20414,7 @@ CVE_STATUS[CVE-2026-22993] = "cpe-stable-backport: Backported in 6.18.6"
 
 CVE_STATUS[CVE-2026-22994] = "cpe-stable-backport: Backported in 6.18.6"
 
-CVE_STATUS[CVE-2026-22995] = "cpe-stable-backport: Backported in 6.18.6"
+CVE_STATUS[CVE-2026-22995] = "fixed-version: Fixed from version 6.18.6"
 
 CVE_STATUS[CVE-2026-22996] = "cpe-stable-backport: Backported in 6.18.7"
 
@@ -20588,7 +20588,7 @@ CVE_STATUS[CVE-2026-23080] = "cpe-stable-backport: Backported in 6.18.8"
 
 CVE_STATUS[CVE-2026-23081] = "cpe-stable-backport: Backported in 6.18.8"
 
-CVE_STATUS[CVE-2026-23082] = "cpe-stable-backport: Backported in 6.18.8"
+CVE_STATUS[CVE-2026-23082] = "fixed-version: Fixed from version 6.18.8"
 
 CVE_STATUS[CVE-2026-23083] = "cpe-stable-backport: Backported in 6.18.8"
 
-- 
2.43.0

next prev parent reply	other threads:[~2026-03-02  4:55 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-03-02  4:55 [PATCH 0/10] linux-yocto: consolidated / combined pull request bruce.ashfield
2026-03-02  4:55 ` [meta][PATCH 01/10] linux-yocto/6.18: update to v6.18.9 bruce.ashfield
2026-03-02  4:55 ` bruce.ashfield [this message]
2026-03-02  4:55 ` [meta][PATCH 03/10] linux-yocto/6.18: update to v6.18.11 bruce.ashfield
2026-03-02  4:55 ` [meta][PATCH 04/10] linux-yocto/6.18: update CVE exclusions (6.18.11) bruce.ashfield
2026-03-02  4:55 ` [meta][PATCH 05/10] linux-yocto/6.16: genericarm64: feature splits and enablement bruce.ashfield
2026-03-02  4:55 ` [meta][PATCH 06/10] linux-yocto/6.18: update to v6.18.13 bruce.ashfield
2026-03-02  4:55 ` [meta][PATCH 07/10] linux-yocto/6.18: update CVE exclusions (6.18.13) bruce.ashfield
2026-03-02  4:55 ` [meta-yocto-bsp][PATCH 08/10] yocto-bsp: update to v6.18.9 bruce.ashfield
2026-03-02  4:55 ` [meta-yocto-bsp][PATCH 09/10] yocto-bsp: update to v6.18.11 bruce.ashfield
2026-03-02  4:55 ` [meta-yocto-bsp][PATCH 10/10] yocto-bsp: update to v6.18.13 bruce.ashfield
2026-03-03  8:44 ` [OE-core] [PATCH 0/10] linux-yocto: consolidated / combined pull request Mathieu Dubois-Briand
2026-03-03 13:37   ` Bruce Ashfield
     [not found]   ` <189958586931912C.918325@lists.openembedded.org>
2026-03-03 16:52     ` Bruce Ashfield

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:383f35291 dfblob:0de60d7d9 )
 OR (
bs:"[meta][PATCH 02/10] linux-yocto/6.18: update CVE exclusions (6.18.9)" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260302045537.2153587-3-bruce.ashfield@gmail.com \
    --to=bruce.ashfield@gmail.com \
    --cc=openembedded-core@lists.openembedded.org \
    --cc=richard.purdie@linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox