Re: CVE related consulting on linux-qoriq

Home Messages Hashtags Subgroups

#24283

Re: CVE related consulting on linux-qoriq

Zhenhua Luo #24283 Yes, the CVE fixes are integrated in SDK kernel, the patch of CVE-2019-14814 will be included in the next LSDK which will be available in this April. Best Regards, Zhenhua toggle quoted message Show quoted text -----Original Message----- From: zangrc <zangrc.fnst@...> Sent: Friday, March 27, 2020 11:22 AM To: Zhenhua Luo <zhenhua.luo@...> Cc: meta-freescale@... Subject: Re: [meta-freescale] CVE related consulting on linux-qoriq Hi, Our team found that there are currently some CVE patches on some branches that are also applicable to other branches. May I ask if NXP has any corresponding measures to deal with this situation. E.g: CVE-2019-14814 has been fixed on the v5.3 branch and is not fixed on v4.19. But it also should be applied to v4.19. Best Regards, Zang Ruochen On 3/25/20 11:54 AM, Zhenhua Luo wrote: Hi Ruochen, Are those CVE patches developed for kernel tree or meta-freescale layer? May I know which kernel version you are working? I can check the process. Best Regards, Zhenhua -----Original Message----- From: meta-freescale@... <meta- freescale@...> On Behalf Of zangrc via Lists.Yoctoproject.Org Sent: Wednesday, March 25, 2020 11:36 AM To: meta-freescale@... Cc: meta-freescale@... Subject: [meta-freescale] CVE related consulting on linux-qoriq Hi, Our team is going to work on the CVE correction of linux-qoriq. I wonder if we submit such patches, will they be merged? If yes, which ML should I send? Best Regards, Zang Ruochen
More All Messages By This Member

View All 4 Messages In Topic

#24283

Join meta-freescale@lists.yoctoproject.org to automatically receive all group messages.

Home Hashtags Subgroups Terms