lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <51b87f26-0180-a08f-cc20-e135fcc67303@rivie.re>
Date:   Thu, 27 Oct 2016 22:02:30 +0200
From:   Romain Rivière <romain@...ie.re>
To:     linux-kernel@...r.kernel.org
Subject: CVE-2016-0758: patch missing in 3.18 series?

Hello,

I apologize in advance in case I missed the obvious, but the patch [1]
for CVE-2016-0758 apparently hasn't made it into the 3.18 series
(checked in 3.18.44). I haven't checked other 3.10+ lines but the
changelog doesn't seem to mention it.
In contrast, CVE-2016-7117 was indeed fixed in 3.18.
Is there a particular reason for this, or did it just fall through the
cracks?

FYI, the same patch applies nicely to 3.18.44

[1] :
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa

As this is a one-time post, as a non-subscriber, I'd appreciate being
Cc'ed in your replies, thanks!
Hope this helps,
Cheers
-- 
Romain Rivière

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ