Yocto, Kernel and OpenBMC security maintenance

Andrew Jeffery andrew at aj.id.au
Mon Nov 13 16:37:48 AEDT 2017

On Tue, 2017-11-07 at 15:56 +1030, Joel Stanley wrote:
> On todays community call we chatted about security updates for the
> project. Nancy pointed out that there tools in the tree that are many
> versions out of date and have security fixes available, but not
> applied to our tree.
> To date there has been no focused effort on ensuring known
> vulnerabilities are patched, weather this be backporting patches or
> updating to newer releases. I suggested we focus on ensuring the
> OpenBMC tree, as the upstream for our products, is where security
> fixes are applied.

For what it's worth there's some discussion of upgrading to Yocto 2.3
and what we might do to better track master on the issue tracker:


I agree we need to improve how we track things such as security patches
that go into upstream.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20171113/6597b9fc/attachment.sig>

More information about the openbmc mailing list