Message ID | 20231019105552.3631582-5-mikko.rapeli@linaro.org |
---|---|
State | New |
Headers | show |
Series | RFC: detect CVEs from embedded mbedtls | expand |
diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb b/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb index cffc6db1..bc13d0df 100644 --- a/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb +++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb @@ -8,7 +8,7 @@ SRC_URI += "file://rwx-segments.patch" LIC_FILES_CHKSUM += "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde" -# mbed TLS v2.28.2 +PV_mbedtls = "2.28.2" SRC_URI_MBEDTLS = "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;destsuffix=git/mbedtls;branch=mbedtls-2.28" SRCREV_mbedtls = "89f040a5c938985c5f30728baed21e49d0846a53"
Set PV_mbedtls so that CVE_PRODUCT and CVE_VERSION get filled correctly for embedded mbedtls. Result in $ bitbake -c cve_check trusted-firmware-a ... WARNING: trusted-firmware-a-2.8.6+gitff0bd5f9bb2ba2f31fb9cec96df917747af9e92d-r0 do_cve_check: Found unpatched CVE (CVE-2021-36647 CVE-2021-43666 CVE-2021-45451 CVE-2023-43615) Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> --- .../recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)