| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 6 Sep 2014 20:18:14 -0700 From: Greg KH <gregkh@...uxfoundation.org> To: Matt <jackdachef@...il.com> Cc: Linux Kernel <linux-kernel@...r.kernel.org>, ReiserFS Mailing List <reiserfs-devel@...r.kernel.org> Subject: Re: linux-3.16.2 queue (3.16.1+) On Sun, Sep 07, 2014 at 02:47:55AM +0200, Matt wrote: > On Thu, Aug 28, 2014 at 9:18 PM, Matt <jackdachef@...il.com> wrote: > > On Thu, Aug 28, 2014 at 5:32 PM, Greg KH <gregkh@...uxfoundation.org> wrote: > >> On Thu, Aug 28, 2014 at 05:27:27PM +0200, Matt wrote: > >>> On Thu, Aug 28, 2014 at 5:22 PM, Greg KH <gregkh@...uxfoundation.org> wrote: > >>> > On Thu, Aug 28, 2014 at 05:16:58PM +0200, Matt wrote: > >>> >> Hi Greg, > >>> >> > >>> >> > >>> >> please consider adding the following 2 patches to 3.16.2: > >>> >> > >>> >> Jan Kara (1): > >>> >> reiserfs: Fix use after free in journal teardown > >>> >> > >>> >> Jeff Mahoney (1): > >>> >> reiserfs: fix corruption introduced by balance_leaf refactor > >>> >> > >>> >> > >>> >> > >>> >> Reason/Related: > >>> >> > >>> >> https://bugzilla.kernel.org/show_bug.cgi?id=83121 > >>> >> > >>> >> https://bugzilla.kernel.org/show_bug.cgi?id=83321 > >>> >> > >>> >> http://forums.gentoo.org/viewtopic-t-998538-postdays-0-postorder-asc-start-0.html > >>> >> > >>> >> > >>> >> Many thanks in advance > >>> > > >>> > I need git commit ids of these patches in Linus's tree, can you provide > >>> > those please? > >>> > > >>> > thanks, > >>> > > >>> > greg k-h > >>> > >>> > >>> Sure: > >>> > >>> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d0e5bc85f3341b9ba66f0c23627cf9d7538c9d > >>> reiserfs: fix corruption introduced by balance_leaf refactor > >>> > >>> > >>> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=01777836c87081e4f68c4a43c9abe6114805f91e > >>> reiserfs: Fix use after free in journal teardown > >>> > >>> > >>> > >>> are checkpatch warnings usually also fixed within stable releases ? > >> > >> No, not at all, please read Documentation/stable_kernel_patches.txt for > >> what is acceptable for stable kernel patches. > >> > >> thanks, > >> > >> greg k-h > > > > > > okay, will do > > > > thanks for pointing that out > > > > > > Regards > > > > Matt > > Hi Greg, > > could you please add the above mentioned two patches > > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d0e5bc85f3341b9ba66f0c23627cf9d7538c9d > reiserfs: fix corruption introduced by balance_leaf refactor > > > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=01777836c87081e4f68c4a43c9abe6114805f91e > reiserfs: Fix use after free in journal teardown > > in next stable (3.16.3) kernel ? > > more and more people seem to be affected by the data corruption > introduced by the recent changes. > > > Reading through Documentation/stable_kernel_rules.txt, > http://cwe.mitre.org/data/definitions/416.html and > http://www.hpenterprisesecurity.com/vulncat/en/vulncat/cpp/use_after_free.html > > both patches seem relevant enough (concerning data integrity > filesystem-wise and security) to be included for the stable branch I'll queue this up when I get a chance, there are over 300 patches pending for the stable kernels right now :( Also, in the future, always cc stable@...r.kernel.org for any stable requests so that they don't get lost. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists