Re: CVE related consulting on linux-qoriq


zangrc
 

Hi,
Our team found that there are currently some CVE patches on some branches that are also applicable to other branches. May I ask if NXP has any corresponding measures to deal with this situation.
E.g:
CVE-2019-14814 has been fixed on the v5.3 branch and is not fixed on v4.19. But it also should be applied to v4.19.

Best Regards,
Zang Ruochen

On 3/25/20 11:54 AM, Zhenhua Luo wrote:
Hi Ruochen,

Are those CVE patches developed for kernel tree or meta-freescale layer? May I know which kernel version you are working? I can check the process.


Best Regards,

Zhenhua

-----Original Message-----
From: meta-freescale@... <meta-
freescale@...> On Behalf Of zangrc via
Lists.Yoctoproject.Org
Sent: Wednesday, March 25, 2020 11:36 AM
To: meta-freescale@...
Cc: meta-freescale@...
Subject: [meta-freescale] CVE related consulting on linux-qoriq

Hi,

Our team is going to work on the CVE correction of linux-qoriq.
I wonder if we submit such patches, will they be merged? If yes, which ML
should I send?

Best Regards,
Zang Ruochen

Join meta-freescale@lists.yoctoproject.org to automatically receive all group messages.