[scarthgap,04/14] xserver-xorg: fix CVE-2023-5574 status

Message ID	9965028d74b3c480f7556d299d616999822b79bf.1725456307.git.steve@sakoman.com
State	Accepted
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.216.49, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 04/14] xserver-xorg: fix CVE-2023-5574 status Date: Wed, 4 Sep 2024 14:32:45 -0700 Message-Id: <9965028d74b3c480f7556d299d616999822b79bf.1725456307.git.steve@sakoman.com> In-Reply-To: <cover.1725456307.git.steve@sakoman.com> References: <cover.1725456307.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[scarthgap,01/14] python3-setuptools: Fix CVE-2024-6345 \| expand [scarthgap,01/14] python3-setuptools: Fix CVE-2024-6345 [scarthgap,02/14] python3: Fix CVE-2024-7592 [scarthgap,03/14] python3: Fix CVE-2024-8088 [scarthgap,04/14] xserver-xorg: fix CVE-2023-5574 status [scarthgap,05/14] apr: drop 0007-explicitly-link-libapr-against-phtread-to-make-gold-.patch [scarthgap,06/14] apr: upgrade 1.7.4 -> 1.7.5 [scarthgap,07/14] cups: upgrade 2.4.9 -> 2.4.10 [scarthgap,08/14] wpa-supplicant: Upgrade 2.10 -> 2.11 [scarthgap,09/14] libadwaita: upgrade 1.5.1 -> 1.5.2 [scarthgap,10/14] libdnf: upgrade 0.73.1 -> 0.73.2 [scarthgap,11/14] wireless-regdb: upgrade 2024.05.08 -> 2024.07.04 [scarthgap,12/14] oeqa/runtime/ssh: increase the number of attempts [scarthgap,13/14] openssh: add backported header file include [scarthgap,14/14] mc: fix source URL

Message ID

9965028d74b3c480f7556d299d616999822b79bf.1725456307.git.steve@sakoman.com

State

Accepted

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 04/14] xserver-xorg: fix CVE-2023-5574 status
Date: Wed,  4 Sep 2024 14:32:45 -0700
Message-Id: 
 <9965028d74b3c480f7556d299d616999822b79bf.1725456307.git.steve@sakoman.com>
In-Reply-To: <cover.1725456307.git.steve@sakoman.com>
References: <cover.1725456307.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[scarthgap,01/14] python3-setuptools: Fix CVE-2024-6345 | expand

Commit Message

Steve Sakoman Sept. 4, 2024, 9:32 p.m. UTC

From: Dmitry Baryshkov <dbaryshkov@gmail.com>

If XvFB is enabled, the CVE_STATUS for CVE-2023-5574 should be
'unpatched' rather than the empty string. Otherwise SDPX checker
complains:

xserver-xorg-2_21.1.13-r0 do_create_spdx: Unknown CVE status

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0ec5dcbdd7c922df25ce90b04902d9c7c749a8c0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 22f7d9a8ad..e2754426cf 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -176,4 +176,4 @@  python populate_packages:prepend() {
     d.appendVar("RPROVIDES:" + pn, " " + get_abi("video"))
 }
 
-CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', '', 'not-applicable-config: specific to Xvfb', d)}"
+CVE_STATUS[CVE-2023-5574] = "${@bb.utils.contains('PACKAGECONFIG', 'xvfb', 'unpatched', 'not-applicable-config: specific to Xvfb', d)}"

[scarthgap,04/14] xserver-xorg: fix CVE-2023-5574 status

Commit Message

Patch