From: "Zhenhua Luo" <zhenhua.luo@nxp.com>
To: zangrc <zangrc.fnst@cn.fujitsu.com>
Cc: "meta-freescale@lists.yoctoproject.org"
<meta-freescale@lists.yoctoproject.org>
Subject: Re: [meta-freescale] CVE related consulting on linux-qoriq
Date: Fri, 27 Mar 2020 03:53:37 +0000 [thread overview]
Message-ID: <VI1PR04MB52945ADE445FEDF70968D25BEECC0@VI1PR04MB5294.eurprd04.prod.outlook.com> (raw)
In-Reply-To: <298fbe7f-5620-8d01-eb05-243936ad9f21@cn.fujitsu.com>
Yes, the CVE fixes are integrated in SDK kernel, the patch of CVE-2019-14814 will be included in the next LSDK which will be available in this April.
Best Regards,
Zhenhua
> -----Original Message-----
> From: zangrc <zangrc.fnst@cn.fujitsu.com>
> Sent: Friday, March 27, 2020 11:22 AM
> To: Zhenhua Luo <zhenhua.luo@nxp.com>
> Cc: meta-freescale@lists.yoctoproject.org
> Subject: Re: [meta-freescale] CVE related consulting on linux-qoriq
>
> Hi,
> Our team found that there are currently some CVE patches on some branches
> that are also applicable to other branches. May I ask if NXP has any
> corresponding measures to deal with this situation.
> E.g:
> CVE-2019-14814 has been fixed on the v5.3 branch and is not fixed on v4.19. But
> it also should be applied to v4.19.
>
> Best Regards,
> Zang Ruochen
> On 3/25/20 11:54 AM, Zhenhua Luo wrote:
> > Hi Ruochen,
> >
> > Are those CVE patches developed for kernel tree or meta-freescale layer? May
> I know which kernel version you are working? I can check the process.
> >
> >
> > Best Regards,
> >
> > Zhenhua
> >
> >> -----Original Message-----
> >> From: meta-freescale@lists.yoctoproject.org <meta-
> >> freescale@lists.yoctoproject.org> On Behalf Of zangrc via
> >> Lists.Yoctoproject.Org
> >> Sent: Wednesday, March 25, 2020 11:36 AM
> >> To: meta-freescale@lists.yoctoproject.org
> >> Cc: meta-freescale@lists.yoctoproject.org
> >> Subject: [meta-freescale] CVE related consulting on linux-qoriq
> >>
> >> Hi,
> >>
> >> Our team is going to work on the CVE correction of linux-qoriq.
> >> I wonder if we submit such patches, will they be merged? If yes,
> >> which ML should I send?
> >>
> >> Best Regards,
> >> Zang Ruochen
> >>
> >>
> >
> >
>
prev parent reply other threads:[~2020-03-27 3:53 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-25 3:35 CVE related consulting on linux-qoriq zangrc
2020-03-25 3:54 ` [meta-freescale] " Zhenhua Luo
2020-03-27 3:22 ` zangrc
2020-03-27 3:53 ` Zhenhua Luo [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=VI1PR04MB52945ADE445FEDF70968D25BEECC0@VI1PR04MB5294.eurprd04.prod.outlook.com \
--to=zhenhua.luo@nxp.com \
--cc=meta-freescale@lists.yoctoproject.org \
--cc=zangrc.fnst@cn.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.