lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Mon, 04 Nov 2013 03:44:48 +0000
From:	Ben Hutchings <ben@...adent.org.uk>
To:	Greg KH <gregkh@...uxfoundation.org>
Cc:	Peter Hüwe <PeterHuewe@....de>,
	Ashley Lai <ashley@...leylai.com>,
	Rajiv Andrade <mail@...jiv.net>,
	Marcel Selhorst <tpmdd@...horst.net>,
	tpmdd-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH] tpm/tpm_i2c_stm_st33: Check return code of
 get_burstcount (fix CID: 986658)

On Tue, 2013-10-29 at 20:07 -0700, Greg KH wrote:
> On Wed, Oct 30, 2013 at 01:42:11AM +0100, Peter Hüwe wrote:
> > Hi Greg,
> > > > 
> > > > CID: 986658
> > > What is this field for?
> > 
> > That's the scan id in the coverity database.
> > If you think that's just noise I can leave it out.
> 
> It's noise as not everyone can see it or make anything out of it, so
> please don't include it.

I think it's useful information for people who became aware of the bug
via Coverity.  It's not so different from a CVE ID, or a reference to
one of the various enterprise distro bug trackers where bug reports
often aren't public.

Obviously this cannot be a substitute for explaining the bug properly in
the commit message.

Ben.

-- 
Ben Hutchings
Kids!  Bringing about Armageddon can be dangerous.  Do not attempt it in
your own home. - Terry Pratchett and Neil Gaiman, `Good Omens'

Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)

Powered by blists - more mailing lists