Sorry, I thought that a fixed CVE would be incorrectly marked as "has no known
resolution" if (last_affected == version) unless the following patch is applied,
but this was a misunderstanding.
--- a/meta/recipes-kernel/linux/generate-cve-exclusions.py
+++
Hi,
I have been trying Linux Kernel CVEs for a while now and found a weird part in
generate-cve-exclusions.py.
https://git.openembedded.org/openembedded-core/tree/meta/recipes-kernel/linux/generate-cve-exclusions.py#n64
>affected = data["affected_versions"]
>first_affected,