Skip to content

doc: security: Information about CVEs #78420

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Sep 18, 2024
Merged

doc: security: Information about CVEs #78420

merged 8 commits into from
Sep 18, 2024

Conversation

@ceolin
Copy link
Member

@ceolin ceolin commented Sep 13, 2024

Add information about published CVEs

Flavio Ceolin added 8 commits September 13, 2024 13:18
doc: relnotes/4.0: Add info about CVE-2024-8798
fbdbeff 
Information about CVE-2024-8798 in release notes.

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Add CVE under embargo
66a0f37 
Add an entry to CVE-2024-8798

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Disclose CVE-2024-5754
6806073 
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Disclose CVE-2024-6258
d1b39f6 
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Disclose CVE-2024-5931
38f3727 
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Disclose CVE-2024-6135
9679e58 
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Disclose CVE-2024-6137
ec8e8cc 
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin <[email protected]>
doc: security: Disclose CVE-2024-6259
85efa32 
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin <[email protected]>
@zephyrbot zephyrbot added Release Notes To be mentioned in the release notes area: Documentation labels Sep 13, 2024
@mmahadevan108
Copy link
Contributor

mmahadevan108 commented Sep 16, 2024

@ceolin, should this doc update be back-ported to 3.7 and 3.6?

@ceolin
Copy link
Member Author

ceolin commented Sep 16, 2024

@ceolin, should this doc update be back-ported to 3.7 and 3.6?

That is a good question. My approach is to consider when the fix landed in Zephyr and not when we disclosed the information, but we may change it if that is misleading.

@nashif nashif merged commit d9bdb4a into zephyrproject-rtos:main Sep 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kartben kartben kartben approved these changes

@mmahadevan108 mmahadevan108 mmahadevan108 approved these changes

@carlescufi carlescufi Awaiting requested review from carlescufi

@dkalowsk dkalowsk Awaiting requested review from dkalowsk

@nashif nashif Awaiting requested review from nashif

Assignees

@dkalowsk dkalowsk

@mmahadevan108 mmahadevan108

Labels

area: Documentation Release Notes To be mentioned in the release notes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@ceolin @mmahadevan108 @kartben @nashif @dkalowsk @zephyrbot