Re: [oss-security] econet iovec

From: Eugene Teo <eugene_at_nospam>
Date: Mon Nov 15 2010 - 03:36:37 GMT
To: oss-security@lists.openwall.com

Thomas, thanks for the heads-up. Appreciated it.

On 11/15/2010 12:09 AM, Dan Rosenberg wrote:
> This also raises a question of whether it's worth assigning CVEs to
> every vulnerability that was fixed by a single change in the core
> code. I'm leaning towards "no".

Yeah, It wouldn't make much sense too.

Distros should backport the changes made to mitigate such issues. See
https://bugzilla.redhat.com/651927, and the following patches:
http://git.kernel.org/linus/253eacc070b114c2ec1f81b067d2fed7305467b0
http://git.kernel.org/linus/8acfe468b0384e834a303f08ebc4953d72fb690a

Thanks, Eugene
-- main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

This message: [ Message body ]
Next message: Eugene Teo: "[oss-security] CVE request: kernel: perf bug"
Previous message: Dan Rosenberg: "Re: [oss-security] econet iovec"
In reply to: Dan Rosenberg: "Re: [oss-security] econet iovec"
Next in thread: Steven M. Christey: "Re: [oss-security] econet iovec"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]