| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070305192622.GA2768@kroah.com> Date: Mon, 5 Mar 2007 11:26:22 -0800 From: Greg KH <greg@...ah.com> To: "S.??a??lar Onur" <caglar@...dus.org.tr> Cc: Adrian Bunk <bunk@...sta.de>, linux-kernel@...r.kernel.org, stable@...nel.org, Justin Forbes <jmforbes@...uxtx.org>, Zwane Mwaikambo <zwane@....linux.org.uk>, "Theodore Ts'o" <tytso@....edu>, Randy Dunlap <rdunlap@...otime.net>, Dave Jones <davej@...hat.com>, Chuck Wolber <chuckw@...ntumlinux.com>, Chris Wedgwood <reviews@...cw.f00f.org>, Michael Krufky <mkrufky@...uxtv.org>, torvalds@...ux-foundation.org, akpm@...ux-foundation.org, alan@...rguk.ukuu.org.uk Subject: Re: [patch 00/18] 2.6.18-stable review On Mon, Mar 05, 2007 at 03:44:22PM +0200, S.??a??lar Onur wrote: > 26 ??ub 2007 Pts tarihinde, Adrian Bunk ??unlar?? yazm????t??: > > On Wed, Feb 21, 2007 at 01:55:04PM +0200, S.??a??lar Onur wrote: > > > 21 ??ub 2007 ??ar tarihinde, Greg KH ??unlar?? yazm????t??: > > > > Responses should be made by Friday February 23 00:00 UTC. Anything > > > > received after that time might be too late. > > > > > > We have still some CVEish patches in our package which maybe you want to > > > consider adding into -stable. > > > > Below, I'll only look at the 2.6.18, 2.6.19 and 2.6.20 kernels. > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814 > > > > fixed in: > > - 2.6.18.8 > > - 2.6.19.2 > > - 2.6.20 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5749 > > > > fixed in: > > - 2.6.20 (commit dab6df63086762629936e8b89a5984bae39724f6) > > > > missing in: > > - 2.6.18 > > - 2.6.19 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5753 > > > > fixed in: > > - 2.6.20 (commit be6aab0e9fa6d3c6d75aa1e38ac972d8b4ee82b8) > > > > missing in: > > - 2.6.18 > > - 2.6.19 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5823 > > > > fixed in: > > - 2.6.19.2 > > - 2.6.20 > > > > missing in: > > - 2.6.18 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6053 > > > > fixed in: > > - 2.6.19.2 > > - 2.6.20 > > > > missing in: > > - 2.6.18 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6054 > > > > fixed in: > > - 2.6.19.2 > > - 2.6.20 > > > > missing in: > > - 2.6.18 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6333 > > > > fixed in: > > - 2.6.19.1 > > - 2.6.20 > > > > problem not present in: > > - 2.6.18 > > > > > * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006 > > > > fixed in: > > - 2.6.19.5 > > > > missing in: > > - 2.6.18 > > - 2.6.20 > > So maybe 2.6.18 deserves another stable release :) ? Why? Does anyone really use it now that 2.6.19 and 2.6.20 is out? I don't want to do a new release as we need to catch up on the 2.6.20 issues... And also remember, the point of the -stable tree was that we would drop older releases after the next release came out. thanks, greg k-h - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists