| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Oct 2014 07:30:48 +0200 From: Willy Tarreau <w@....eu> To: Kamal Mostafa <kamal@...onical.com> Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org, kernel-team@...ts.ubuntu.com, Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: Re: [PATCH 3.13 163/163] lzo: check for length overrun in variable length encoding. Hi Kamal, [ removed Don Bailey from the CC who's certainly not interested in this ] On Thu, Oct 09, 2014 at 02:03:08PM -0700, Kamal Mostafa wrote: > 3.13.11.9 -stable review patch. If anyone has any objections, please let me know. > > ------------------ > > From: Willy Tarreau <w@....eu> > > commit 72cf90124e87d975d0b2114d930808c58b4c05e4 upstream. (...) This one (and the accompanying revert) are still not present in more recent stable kernels, so I find it surprizing that you're proposing to integrate them now. If someone upgrades from 3.13.11.9 to 3.14.21 or 3.16.5, they'd expect to keep all fixes but will lose this one, so this is a bit confusing. Is there any reason you're not tracking fixes from more recent versions like Jiri, Li, Ben and I are doing ? Thanks, Willy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists