From: "Petter Mabäcker" <petter@technux.se>
To: Marko Lindqvist <cazfi74@gmail.com>
Cc: Openembedded core <openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 1/3] readline: Security Advisory - readline - CVE-2014-2524
Date: Fri, 09 Oct 2015 08:53:02 +0200 [thread overview]
Message-ID: <0299971cf181f7c7cfbf7e7749295540@technux.se> (raw)
In-Reply-To: <CAF6bG8eud0qLNLaqNtBVVgyff8iiSp=g1DsFUh6Sk-ECQthvvA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1524 bytes --]
2015-10-08 06:31 skrev Marko Lindqvist:
> On 6 October 2015 at
17:08, Burton, Ross <ross.burton@intel.com> wrote:
>
>> On 6 October
2015 at 14:43, Petter Mabäcker <petter@technux.se> wrote:
>>
>>>
Great. As you will notice also when formatted properly it will not apply
due to that readline63-001 and readline63-002 isn't applied so
'patchlevel' is incorrect. That makes me wondering what the patching
strategy is? In my opinion we should consider adding the official
readline-6.3 patches as well. Should I add a bug report for that or
leave it as is (depending on the strategy...)?
>> Adding the rest of the
patches would have been a sensible thing to do. Right now, we're frozen
as we're about to release 2.0, but a bug or patches post-release would
be much appreciated. Ross
>
> The strategy I introduced in
30a38ea1ee933fb134a5ee9000298703cab93692
> was not to add the patches,
but to fetch them as upstream source.
> That was dropped when readline
was updated to 6.3 (maybe there was no
> patches for it at the time):
>
66bc6f4127e88db18e260c71d181aecfd58c7999
>
> - ML
Hello Marko,
When
looking at the dates for the 6.3 integration my guess is that no patches
existed for 6.3 yet (compared to the dates for the patches..). I will
give it a try to use your 5.2 strategy when applying the 6.3 patches to
make it looks the same for both versions. Thanks for pointing this out!
BR Petter
Petter Mabäcker
Technux
<petter@technux.se>
www.technux.se
[-- Attachment #2: Type: text/html, Size: 2269 bytes --]
next prev parent reply other threads:[~2015-10-09 6:53 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-16 9:48 [PATCH 0/3] CVE fixes of package readline and gnupg Kai Kang
2014-10-16 9:48 ` [PATCH 1/3] readline: Security Advisory - readline - CVE-2014-2524 Kai Kang
2014-10-16 11:20 ` Burton, Ross
2014-10-16 21:31 ` Burton, Ross
2014-10-20 3:15 ` Kang Kai
2014-10-20 6:00 ` Kang Kai
2015-10-06 8:11 ` Petter Mabäcker
2015-10-06 10:06 ` Burton, Ross
2015-10-06 11:23 ` Petter Mabäcker
2015-10-06 12:58 ` Burton, Ross
2015-10-06 13:43 ` Petter Mabäcker
2015-10-06 14:08 ` Burton, Ross
2015-10-06 15:30 ` Petter Mabäcker
2015-10-08 2:13 ` Kang Kai
2015-10-09 7:14 ` Petter Mabäcker
2015-10-08 4:31 ` Marko Lindqvist
2015-10-09 6:53 ` Petter Mabäcker [this message]
2014-10-16 9:48 ` [PATCH 2/3] gnupg: CVE-2013-4242 Kai Kang
2014-10-16 9:48 ` [PATCH 3/3] gnupg_1.4.7: add package config libusb Kai Kang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0299971cf181f7c7cfbf7e7749295540@technux.se \
--to=petter@technux.se \
--cc=cazfi74@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.