| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024110843-french-lingo-b055@gregkh> Date: Fri, 8 Nov 2024 07:49:05 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: Shung-Hsi Yu <shung-hsi.yu@...e.com> Cc: cve@...nel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH vulns 1/2] add a .vulnerable id for CVE-2024-49888 On Fri, Nov 08, 2024 at 01:51:13PM +0800, Shung-Hsi Yu wrote: > Link: https://lore.kernel.org/all/klr4llu43s4osw4o7234no33k6eujo2wvpeyhft2z5zgib6zac@hvg72k5q7w3f/ > Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@...e.com> > --- > Add vulnerable commit IDs as Greg previously suggested[1]. > > I posted analysis separately and referenced them with the Link tag > instead of including the whole analysis in the commit message. Let me > know if an alternative approach is preferred. > > 1: https://lore.kernel.org/all/2024102419-deserving-veneering-6641@gregkh/ > --- > cve/published/2024/CVE-2024-49888.vulnerable | 1 + > 1 file changed, 1 insertion(+) > create mode 100644 cve/published/2024/CVE-2024-49888.vulnerable > > diff --git a/cve/published/2024/CVE-2024-49888.vulnerable b/cve/published/2024/CVE-2024-49888.vulnerable > new file mode 100644 > index 00000000..b7b1891d > --- /dev/null > +++ b/cve/published/2024/CVE-2024-49888.vulnerable > @@ -0,0 +1 @@ > +ec0e2da95f72 > -- > 2.47.0 > > Thanks for both of these patches. I've now applied them and pushed out the update .json files to cve.org for these entries. greg k-h
Powered by blists - more mailing lists