From: Greg KH <gregkh@suse.de>
To: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Ingo Molnar <mingo@elte.hu>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, stable@kernel.org,
"H. Peter Anvin" <hpa@linux.intel.com>,
Roland McGrath <roland@redhat.com>,
Ben Hawkes <hawkes@sota.gen.nz>
Subject: Re: planned 2.6.35.x -stable release for critical x86-64 vulnerabilities ?
Date: Mon, 20 Sep 2010 10:45:06 -0700 [thread overview]
Message-ID: <20100920174506.GB27303@suse.de> (raw)
In-Reply-To: <20100920173840.GA30241@Krystal>
On Mon, Sep 20, 2010 at 01:38:41PM -0400, Mathieu Desnoyers wrote:
> * Greg KH (gregkh@suse.de) wrote:
> > On Mon, Sep 20, 2010 at 12:53:20PM -0400, Mathieu Desnoyers wrote:
> > > Hi Greg,
> > >
> > > Sorry to have to ask this, but I was wondering about the ETA for the next round
> > > of -stable releases including fixes for the following bugs that seems to be
> > > actively exploited in the wild
> > > (http://blog.iweb.com/en/2010/09/64bits-linux-important-security-vulnerability-identified/5437.html
> > > http://isc.sans.edu/diary.html?storyid=9574):
> > >
> > > CVE-2010-3081 (fixed by upstream
> > > commit c41d68a513c71e35a14f66d71782d27a79a81ea6)
> > > "compat: Make compat_alloc_user_space() incorporate the access_ok()"
> > >
> > > and
> > > CVE-2010-3301 (fixed by upstream
> > > commit 36d001c70d8a0144ac1d038f6876c484849a74de
> > > "x86-64, compat: Test %rax for the syscall number, not %eax"
> > > and
> > > commit
> > > commit eefdca043e8391dcd719711716492063030b55ac
> > > "x86-64, compat: Retruncate rax after ia32 syscall entry tracing")
> > >
> > > I'd like to rebase the LTTng tree on top of -stable as soon as it incorporates
> > > these fixes. I could just pull the fixes in my own tree, but this would be
> > > duplicated effort.
> > >
> > > Again, sorry for the hassle, but I feel these bugs require immediate attention.
> >
> > Does NOBODY frickin read my -rc stable announcements? This is only the
> > 8th email today that I've gotten about this issue.
> >
> > {sigh}
> >
> > I don't know why I even bother at times...
> >
> > Sorry, I don't mean to take it out on you, but please people, at least
> > do some basic searching. Like look at the -stable queue git tree which
> > shows that a -rc has been released and is under review, or look at the
> > lkml traffic, or, subscribe to the stable-review mailing list or look at
> > its archives.
>
> I did look at the stable-queue.git tree, and did not find anything about 2.6.35.
> The tree only specify "start .27/.32 review cycle". Nothing about .35. This is
> why I thought it was appropriate to email you about 2.6.35.x.
Ah, sorry, I forgot to move the .35 tree in the queue quilt series, my
mistake. It's now done and pushed out.
thanks,
greg k-h
prev parent reply other threads:[~2010-09-20 17:47 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-20 16:53 planned 2.6.35.x -stable release for critical x86-64 vulnerabilities ? Mathieu Desnoyers
2010-09-20 17:23 ` Greg KH
2010-09-20 17:38 ` Mathieu Desnoyers
2010-09-20 17:45 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100920174506.GB27303@suse.de \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=hawkes@sota.gen.nz \
--cc=hpa@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mingo@elte.hu \
--cc=roland@redhat.com \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.