All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist
@ 2022-03-11  4:10 matsunaga-shinji
  2022-03-11  5:04 ` [oe] " Khem Raj
  2022-03-11  5:26 ` Marta Rybczynska
  0 siblings, 2 replies; 4+ messages in thread
From: matsunaga-shinji @ 2022-03-11  4:10 UTC (permalink / raw)
  To: openembedded-devel; +Cc: shin.matsunaga

Patch for CVE-2016-1572 is applied in version 109.

Signed-off-by: matsunaga-shinji <shin.matsunaga@fujitsu.com>
---
 recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
index 9aefc32..d98724c 100644
--- a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
+++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
@@ -68,3 +68,6 @@ FILES:${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
 
 RDEPENDS:${PN} += "cryptsetup"
 RRECOMMENDS:${PN} = "gettext-runtime"
+
+# Patch for CVE-2016-1572 is applied in version 109.
+CVE_CHECK_IGNORE += "CVE-2016-1572"
-- 
2.25.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [oe] [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist
  2022-03-11  4:10 [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist matsunaga-shinji
@ 2022-03-11  5:04 ` Khem Raj
  2022-03-11  5:26 ` Marta Rybczynska
  1 sibling, 0 replies; 4+ messages in thread
From: Khem Raj @ 2022-03-11  5:04 UTC (permalink / raw)
  To: Matsunaga-Shinji; +Cc: openembeded-devel

I guess this belongs to meta-security, please prefix the patch subject
with layer name [meta-security] in this case.

On Thu, Mar 10, 2022 at 8:14 PM Matsunaga-Shinji
<shin.matsunaga@fujitsu.com> wrote:
>
> Patch for CVE-2016-1572 is applied in version 109.
>
> Signed-off-by: matsunaga-shinji <shin.matsunaga@fujitsu.com>
> ---
>  recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> index 9aefc32..d98724c 100644
> --- a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> +++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> @@ -68,3 +68,6 @@ FILES:${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"
>
>  RDEPENDS:${PN} += "cryptsetup"
>  RRECOMMENDS:${PN} = "gettext-runtime"
> +
> +# Patch for CVE-2016-1572 is applied in version 109.
> +CVE_CHECK_IGNORE += "CVE-2016-1572"
> --
> 2.25.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#95945): https://lists.openembedded.org/g/openembedded-devel/message/95945
> Mute This Topic: https://lists.openembedded.org/mt/89704285/1997914
> Group Owner: openembedded-devel+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [raj.khem@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>


^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [oe] [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist
  2022-03-11  4:10 [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist matsunaga-shinji
  2022-03-11  5:04 ` [oe] " Khem Raj
@ 2022-03-11  5:26 ` Marta Rybczynska
  2022-03-24  1:06   ` shin.matsunaga
  1 sibling, 1 reply; 4+ messages in thread
From: Marta Rybczynska @ 2022-03-11  5:26 UTC (permalink / raw)
  To: Matsunaga-Shinji; +Cc: OpenEmbedded Devel List

[-- Attachment #1: Type: text/plain, Size: 967 bytes --]

On Fri, Mar 11, 2022, 05:14 Matsunaga-Shinji <shin.matsunaga@fujitsu.com>
wrote:

> Patch for CVE-2016-1572 is applied in version 109.
>
> Signed-off-by: matsunaga-shinji <shin.matsunaga@fujitsu.com>
> ---
>  recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> index 9aefc32..d98724c 100644
> --- a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> +++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb
> @@ -68,3 +68,6 @@ FILES:${PN} += "${base_libdir}/security/*
> ${base_libdir}/ecryptfs/*"
>
>  RDEPENDS:${PN} += "cryptsetup"
>  RRECOMMENDS:${PN} = "gettext-runtime"
> +
> +# Patch for CVE-2016-1572 is applied in version 109.
> +CVE_CHECK_IGNORE += "CVE-2016-1572"
>

Wouldn't it be better to report this to the NVD and do the fix in the
database instead?

Regards
Marta

>

[-- Attachment #2: Type: text/html, Size: 2151 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread
* RE: [oe] [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist
  2022-03-11  5:26 ` Marta Rybczynska
@ 2022-03-24  1:06   ` shin.matsunaga
  0 siblings, 0 replies; 4+ messages in thread
From: shin.matsunaga @ 2022-03-24  1:06 UTC (permalink / raw)
  To: 'Marta Rybczynska'; +Cc: OpenEmbedded Devel List

[-- Attachment #1: Type: text/plain, Size: 1860 bytes --]

Thank you for your comment.

When I sent a mail to NVD about a database modification request, this has been approved.

NVD has made the appropriate modifications to reflect that the affected versions are up to (excluding) 109.

So we can confirm that the website has changed. The same is the data feeds.
https://nvd.nist.gov/vuln/detail/CVE-2016-1572

Regards
Shinji


From: Marta Rybczynska <rybczynska@gmail.com>
Sent: Friday, March 11, 2022 2:27 PM
To: Matsunaga, Shinji/松永 慎司 <shin.matsunaga@fujitsu.com>
Cc: OpenEmbedded Devel List <openembedded-devel@lists.openembedded.org>
Subject: Re: [oe] [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist


On Fri, Mar 11, 2022, 05:14 Matsunaga-Shinji <shin.matsunaga@fujitsu.com<mailto:shin.matsunaga@fujitsu.com>> wrote:
Patch for CVE-2016-1572 is applied in version 109.

Signed-off-by: matsunaga-shinji <shin.matsunaga@fujitsu.com<mailto:shin.matsunaga@fujitsu.com>>
---
 recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb> | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb> b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
index 9aefc32..d98724c 100644
--- a/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
+++ b/recipes-security/ecryptfs-utils/ecryptfs-utils_111.bb<http://ecryptfs-utils_111.bb>
@@ -68,3 +68,6 @@ FILES:${PN} += "${base_libdir}/security/* ${base_libdir}/ecryptfs/*"

 RDEPENDS:${PN} += "cryptsetup"
 RRECOMMENDS:${PN} = "gettext-runtime"
+
+# Patch for CVE-2016-1572 is applied in version 109.
+CVE_CHECK_IGNORE += "CVE-2016-1572"

Wouldn't it be better to report this to the NVD and do the fix in the database instead?

Regards
Marta

[-- Attachment #2: Type: text/html, Size: 7407 bytes --]

^ permalink raw reply related	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-03-24  1:06 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-11  4:10 [PATCH] ecryptfs-utils: add CVE-2016-1572 to allowlist matsunaga-shinji
2022-03-11  5:04 ` [oe] " Khem Raj
2022-03-11  5:26 ` Marta Rybczynska
2022-03-24  1:06   ` shin.matsunaga

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.