From: Greg KH <gregkh@suse.de>
To: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Ingo Molnar <mingo@elte.hu>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, stable@kernel.org,
"H. Peter Anvin" <hpa@linux.intel.com>,
Roland McGrath <roland@redhat.com>,
Ben Hawkes <hawkes@sota.gen.nz>
Subject: Re: planned 2.6.35.x -stable release for critical x86-64 vulnerabilities ?
Date: Mon, 20 Sep 2010 10:23:19 -0700 [thread overview]
Message-ID: <20100920172319.GA8526@suse.de> (raw)
In-Reply-To: <20100920165320.GA28380@Krystal>
On Mon, Sep 20, 2010 at 12:53:20PM -0400, Mathieu Desnoyers wrote:
> Hi Greg,
>
> Sorry to have to ask this, but I was wondering about the ETA for the next round
> of -stable releases including fixes for the following bugs that seems to be
> actively exploited in the wild
> (http://blog.iweb.com/en/2010/09/64bits-linux-important-security-vulnerability-identified/5437.html
> http://isc.sans.edu/diary.html?storyid=9574):
>
> CVE-2010-3081 (fixed by upstream
> commit c41d68a513c71e35a14f66d71782d27a79a81ea6)
> "compat: Make compat_alloc_user_space() incorporate the access_ok()"
>
> and
> CVE-2010-3301 (fixed by upstream
> commit 36d001c70d8a0144ac1d038f6876c484849a74de
> "x86-64, compat: Test %rax for the syscall number, not %eax"
> and
> commit
> commit eefdca043e8391dcd719711716492063030b55ac
> "x86-64, compat: Retruncate rax after ia32 syscall entry tracing")
>
> I'd like to rebase the LTTng tree on top of -stable as soon as it incorporates
> these fixes. I could just pull the fixes in my own tree, but this would be
> duplicated effort.
>
> Again, sorry for the hassle, but I feel these bugs require immediate attention.
Does NOBODY frickin read my -rc stable announcements? This is only the
8th email today that I've gotten about this issue.
{sigh}
I don't know why I even bother at times...
Sorry, I don't mean to take it out on you, but please people, at least
do some basic searching. Like look at the -stable queue git tree which
shows that a -rc has been released and is under review, or look at the
lkml traffic, or, subscribe to the stable-review mailing list or look at
its archives.
greg k-h
next prev parent reply other threads:[~2010-09-20 17:22 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-20 16:53 planned 2.6.35.x -stable release for critical x86-64 vulnerabilities ? Mathieu Desnoyers
2010-09-20 17:23 ` Greg KH [this message]
2010-09-20 17:38 ` Mathieu Desnoyers
2010-09-20 17:45 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100920172319.GA8526@suse.de \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=hawkes@sota.gen.nz \
--cc=hpa@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mingo@elte.hu \
--cc=roland@redhat.com \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.