lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Y7k6eIjw0bNUmA95@kroah.com>
Date:   Sat, 7 Jan 2023 10:25:12 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Georg Müller <georgmueller@....net>
Cc:     stable@...r.kernel.org, patches@...ts.linux.dev,
        linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
        akpm@...ux-foundation.org, linux@...ck-us.net, shuah@...nel.org,
        patches@...nelci.org, lkft-triage@...ts.linaro.org, pavel@...x.de,
        jonathanh@...dia.com, f.fainelli@...il.com,
        sudipm.mukherjee@...il.com, srw@...dewatkins.net, rwarsow@....de
Subject: Re: [PATCH 6.0 000/177] 6.0.18-rc1 review

On Fri, Jan 06, 2023 at 03:34:15PM +0100, Greg Kroah-Hartman wrote:
> On Fri, Jan 06, 2023 at 03:27:58PM +0100, Georg Müller wrote:
> > Hi Greg,
> > 
> > Am 04.01.23 um 17:04 schrieb Greg Kroah-Hartman:
> > > This is the start of the stable review cycle for the 6.0.18 release.
> > > There are 177 patches in this series, all will be posted as a response
> > > to this one.  If anyone has any issues with these being applied, please
> > > let me know.
> > > 
> > > Responses should be made by Fri, 06 Jan 2023 16:04:29 +0000.
> > > Anything received after that time might be too late.
> > 
> > There is an easy-to-trigger kernel panic in cifs which was introduced in 6.0.16 and could be fixed by backporting the following commit:
> > 
> >    9ee2afe5207b ("cifs: prevent copying past input buffer boundaries")
> > 
> > Please see https://bugzilla.kernel.org/show_bug.cgi?id=216895 for the details
> > 
> > Could this commit be added as well to 6.0.18?
> 
> It is too late for this release, we can add it to the next one.  Or you
> can move to 6.1.y which you should be doing anyway as 6.0.y is about to
> go end-of-life in a few days.

Ah, it seems simple enough, I've queued it up now all the way back to
5.4.y, is that correct?

And any specific reason why this commit was NOT marked as a fix or for a
stable release?

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ