From: "Yoann Congal" <yoann.congal@smile.fr>
To: "Yoann Congal" <yoann.congal@smile.fr>,
<openembedded-core@lists.openembedded.org>
Subject: Re: [OE-core][scarthgap 41/66] linux-yocto/6.6: update CVE exclusions (6.6.123)
Date: Fri, 24 Apr 2026 23:12:42 +0200 [thread overview]
Message-ID: <DI1P0XJP7YOA.2AHZRIC9S2WJM@smile.fr> (raw)
In-Reply-To: <4bdf5345c32c9e294a64d61af49ce2adabdaf1db.1777064068.git.yoann.congal@smile.fr>
On Fri Apr 24, 2026 at 10:55 PM CEST, Yoann Congal wrote:
> From: João Marcos Costa (Schneider Electric) <joaomarcos.costa@bootlin.com>
>
> This new version of cve-exclusion_6.6.inc was generated with oe-core's
> latest version of the generate-cve-exclusions.py.
>
> Regarding the database used and how this file was generated:
>
> Generated at 2026-04-03 09:30:32.247568+00:00 for kernel version 6.6.123
> From cvelistV5 cve_2026-04-03_0700Z
>
> The backporting of the generate-cve-exclusions.py script from master to
> Scarthgap is handled in a different patch.
>
> Signed-off-by: João Marcos Costa (Schneider Electric) <joaomarcos.costa@bootlin.com>
> Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
> ---
> .../linux/cve-exclusion_6.6.inc | 21144 +++++++++++++---
> 1 file changed, 17901 insertions(+), 3243 deletions(-)
Note: this patch triggers some tooling issues due to its size:
16167 – Missing (big) patch in patchwork
https://bugzilla.yoctoproject.org/show_bug.cgi?id=16167
You will find it on my branch here:
https://git.openembedded.org/openembedded-core-contrib/commit/?h=stable/scarthgap-nut&id=4bdf5345c32c9e294a64d61af49ce2adabdaf1db
Regards,
--
Yoann Congal
Smile ECS
next prev parent reply other threads:[~2026-04-24 21:12 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-24 20:54 [OE-core][scarthgap 00/66] Patch review Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 01/66] spdx30_tasks: fix condition in create_spdx Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 02/66] tzdata/tzcode-native: upgrade 2025c -> 2026a Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 03/66] libarchive: Fix CVE-2026-4111 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 04/66] curl: patch CVE-2026-1965 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 05/66] curl: patch CVE-2026-3783 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 06/66] curl: patch CVE-2026-3784 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 07/66] ncurses: fix for CVE-2025-69720 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 08/66] tcl: skip http11 tests Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 09/66] busybox: fix for CVE-2026-26157, CVE-2026-26158 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 10/66] binutils: mark CVE-2025-69650 and CVE-2025-69651 as disputed Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 11/66] vim: Fix CVE-2026-25749 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 12/66] vim: Fix CVE-2026-26269 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 13/66] vim: Fix CVE-2026-33412 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 14/66] sqlite3: Fix CVE-2025-70873 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 15/66] unfs3: Fix race issue causing a glibc test hang Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 16/66] nghttp2: Fix CVE-2026-27135 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 17/66] linux/generate-cve-exclusions: backport script from master branch Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 18/66] python3: upgrade 3.12.12 -> 3.12.13 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 19/66] vim: Fix CVE-2026-28418 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 20/66] vim: Fix CVE-2026-28419 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 21/66] openssl: upgrade 3.5.5 -> 3.5.6 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 22/66] gi-docgen: fix CVE-2025-11687 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 23/66] python3-pyasn1: fix CVE-2026-23490 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 24/66] python3-wheel: fix CVE-2026-24049 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 25/66] gnupg: fix CVE-2026-24882 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 26/66] libxml2: Fix CVE-2026-1757 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 27/66] base-passwd: upgrade 3.6.3 -> 3.6.8 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 28/66] mesa: fix build on host with glibc-2.43 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 29/66] virglrenderer: Fix build with glibc 2.43+ Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 30/66] cmake: backport a fix for gcc-16 on host Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 31/66] gcc: backport a fix for building with gcc-16 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 32/66] libxcrypt: avoid discarded-qualifiers build failure with glibc 2.43 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 33/66] libxcrypt: Fix build wrt C23 support Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 34/66] libxcrypt: Use configure knob to disable warnings as errors Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 35/66] spirv-tools: backport a fix for building with gcc-16 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 36/66] ca-certificates: upgrade 20250419 -> 20260223 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 37/66] ovmf: backport a fix for build with gcc-16 Yoann Congal
2026-04-24 21:15 ` Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 38/66] ltp: fix epoll_ctl04 failed Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 39/66] kernel-devsrc: make tools/Build optional Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 40/66] dbus: use ${PN} in pkg_postinst instead of 'dbus' Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 41/66] linux-yocto/6.6: update CVE exclusions (6.6.123) Yoann Congal
2026-04-24 21:12 ` Yoann Congal [this message]
2026-04-24 20:55 ` [OE-core][scarthgap 42/66] build-appliance-image: switch SRC_URI to https protocol Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 43/66] scripts: Default to https git protocol for YP/OE repos Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 44/66] oeqa/selftest/git-submodule-test: " Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 45/66] meta/files/layers.example.json: switch to https clone URIs Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 46/66] oeqa/sdk: Default to https git protocol for YP/OE repos Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 47/66] selftest/scripts: Update old git protocol references Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 48/66] dtc: backport fix for build with glibc-2.43 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 49/66] pseudo: Add fix for glibc 2.43 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 50/66] yocto-uninative: Update to 5.0 for needed patchelf updates Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 51/66] yocto-uninative: Update to 5.1 for glibc 2.43 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 52/66] elfutils: don't add -Werror to avoid discarded-qualifiers Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 53/66] binutils: backport patch to fix build with glibc-2.43 on host Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 54/66] texinfo: Backport patches for hosts with newer GCC Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 55/66] qemu: backport patches to support python 3.14 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 56/66] db: Pin to use C99 std Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 57/66] apt: Fix build with GCC 15 Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 58/66] lib/oeqa/utils/httpserver: use multiprocessing from bb Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 59/66] archiver: Don't try to preserve all attributes when copying files Yoann Congal
2026-04-24 20:55 ` [OE-core][scarthgap 60/66] selftest/minidebuginfo: extract files from tar archive using tarfile module Yoann Congal
2026-04-24 20:56 ` [OE-core][scarthgap 61/66] selftest/gdbserver: replace shutil.unpack_archive with tarfile extract Yoann Congal
2026-04-24 20:56 ` [OE-core][scarthgap 62/66] license.py: Drop visit_Str from SeenVisitor in selftest Yoann Congal
2026-04-24 20:56 ` [OE-core][scarthgap 63/66] sudo: upgrade 1.9.17p1 -> 1.9.17p2 Yoann Congal
2026-04-24 20:56 ` [OE-core][scarthgap 64/66] lttng-ust: upgrade 2.13.8 -> 2.13.10 Yoann Congal
2026-04-24 20:56 ` [OE-core][scarthgap 65/66] libatomic-ops: upgrade 7.8.2 -> 7.8.4 Yoann Congal
2026-04-24 20:56 ` [OE-core][scarthgap 66/66] liburcu: upgrade 0.14.0 -> 0.14.2 Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DI1P0XJP7YOA.2AHZRIC9S2WJM@smile.fr \
--to=yoann.congal@smile.fr \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox