lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20140728.171401.1506592562551382302.davem@davemloft.net>
Date:	Mon, 28 Jul 2014 17:14:01 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	wangyufen@...wei.com
Cc:	netdev@...r.kernel.org
Subject: Re: [PATCH v2 0/8] Backport to stable-3.4 for fix CVE-2014-0181

From: Wangyufen <wangyufen@...wei.com>
Date: Fri, 25 Jul 2014 16:22:21 +0800

> From: Wang Yufen <wangyufen@...wei.com>
> 
> Hi David,
> 
> This backport fix CVE-2014-0181 which would still be vulnerable in
> stable-3.4, please add it.
> 
> patchset from 5187cd055b6e to 90f62cf30a78 fixed CVE-2014-0181,
> which can't backport to stable-3.4 directly, 
> 
> Those three patches are needed:
> commit 935d8aabd4331f47a89c3e1daa5779d23cf244ee 
> commit 038e7332b8d4c0629a2965e3ede1a92e8e427bd6
> commit 3fbc290540a1ed1a8a076ed8f53bee7a38a9f408 
> 
> and this patch is unneeded:
> commit a53b72c83a4216f2eb883ed45a0cbce014b8e62d
> 
> v2:
> 1) Add the patch:
>    commit 2d7a85f4b06e9c27ff629f07a524c48074f07f81
>    which fixes this series to not break applications like Zebra.
> 
> 2) Change the From: to the original author.

This looks better, I've queued this series up and will submit it to
-stable soon.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ