On 6 Sep 2023, at 13:56, Bruce Ashfield <[email protected]> wrote: > > On Wed, Sep 6, 2023 at 8:39 AM Ross Burton <[email protected]> wrote: >> >> On 5 Sep 2023, at 15:37, Bruce Ashfield via lists.openembedded.org >> <[email protected]> wrote: >>> >>> From: Bruce Ashfield <[email protected]> >>> >>> Richard, >>> >>> Here's the next round of -stable and configuration changes. >>> >>> I also ran into a build issue with 6.4+ on one of my builders >>> due to a gzip mismatch with zlib versions. So I've included >>> a fix for that. >> >> Would you be able to throw in a cve-exclusions update when you upgrade the >> kernels? I can do it, but it’s easier if it’s done as part of the upgrade. >> >> For now it’s a little manual. Have a clone of >> https://github.com/nluedtke/linux_kernel_cves to hand then: >> >> $ ./generate-cve-exclusions.py ~/Code/drive-by/linux_kernel_cves/ 6.4.11 > >> cve-exclusion_6.4.inc >> >> (update paths as needed) > > I'll add that to my update steps. > > As long as I don't have to audit/check or manually edit anything, it > won't be an issue.
Cheers. Literally just run those commands and sanity check that it did something reasonable (ie didn’t write an error message to the files). I’ve been meaning to add a wrapper to do the right thing, but Marta is also working on integrating the data directly into the CVE check logic so I really do consider this script very much an interim solution. Ross
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#187313): https://lists.openembedded.org/g/openembedded-core/message/187313 Mute This Topic: https://lists.openembedded.org/mt/101170549/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
