From: Greg KH <gregkh@suse.de>
To: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Ingo Molnar <mingo@elte.hu>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
linux-kernel@vger.kernel.org, stable@kernel.org,
"H. Peter Anvin" <hpa@linux.intel.com>,
Roland McGrath <roland@redhat.com>,
Ben Hawkes <hawkes@sota.gen.nz>
Subject: Re: planned 2.6.35.x -stable release for critical x86-64 vulnerabilities ?
Date: Mon, 20 Sep 2010 10:23:19 -0700 [thread overview]
Message-ID: <20100920172319.GA8526@suse.de> (raw)
In-Reply-To: <20100920165320.GA28380@Krystal>
On Mon, Sep 20, 2010 at 12:53:20PM -0400, Mathieu Desnoyers wrote:
> Hi Greg,
>
> Sorry to have to ask this, but I was wondering about the ETA for the next round
> of -stable releases including fixes for the following bugs that seems to be
> actively exploited in the wild
> (http://blog.iweb.com/en/2010/09/64bits-linux-important-security-vulnerability-identified/5437.html
> http://isc.sans.edu/diary.html?storyid=9574):
>
> CVE-2010-3081 (fixed by upstream
> commit c41d68a513c71e35a14f66d71782d27a79a81ea6)
> "compat: Make compat_alloc_user_space() incorporate the access_ok()"
>
> and
> CVE-2010-3301 (fixed by upstream
> commit 36d001c70d8a0144ac1d038f6876c484849a74de
> "x86-64, compat: Test %rax for the syscall number, not %eax"
> and
> commit
> commit eefdca043e8391dcd719711716492063030b55ac
> "x86-64, compat: Retruncate rax after ia32 syscall entry tracing")
>
> I'd like to rebase the LTTng tree on top of -stable as soon as it incorporates
> these fixes. I could just pull the fixes in my own tree, but this would be
> duplicated effort.
>
> Again, sorry for the hassle, but I feel these bugs require immediate attention.
Does NOBODY frickin read my -rc stable announcements? This is only the
8th email today that I've gotten about this issue.
{sigh}
I don't know why I even bother at times...
Sorry, I don't mean to take it out on you, but please people, at least
do some basic searching. Like look at the -stable queue git tree which
shows that a -rc has been released and is under review, or look at the
lkml traffic, or, subscribe to the stable-review mailing list or look at
its archives.
greg k-h
next prev parent reply other threads:[~2010-09-20 17:22 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-20 16:53 planned 2.6.35.x -stable release for critical x86-64 vulnerabilities ? Mathieu Desnoyers
2010-09-20 17:23 ` Greg KH [this message]
2010-09-20 17:38 ` Mathieu Desnoyers
2010-09-20 17:45 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100920172319.GA8526@suse.de \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=hawkes@sota.gen.nz \
--cc=hpa@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mingo@elte.hu \
--cc=roland@redhat.com \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox