Re: CVE-2009-4537 - Neil Horman

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Neil Horman <nhorman@tuxdriver.com>
To: David Miller <davem@davemloft.net>
Cc: michael.s.gilbert@gmail.com, linux-kernel@vger.kernel.org,
	netdev@vger.kernel.org
Subject: Re: CVE-2009-4537
Date: Sun, 28 Mar 2010 20:50:46 -0400	[thread overview]
Message-ID: <20100329005046.GA2157@localhost.localdomain> (raw)
In-Reply-To: <20100327.103600.246539458.davem@davemloft.net>

On Sat, Mar 27, 2010 at 10:36:00AM -0700, David Miller wrote:
> From: David Miller <davem@davemloft.net>
> Date: Sat, 27 Mar 2010 10:34:07 -0700 (PDT)
> 
> > From: Michael Gilbert <michael.s.gilbert@gmail.com>
> > Date: Sat, 27 Mar 2010 14:21:00 -0400
> > 
> >> Hi,
> >> 
> >> CVE-2009-4537 has been disclosed without any upstream activity for a
> >> while now. Discussion about the issue dried up in January [0], and a
> >> patch had been proposed [1], but no arguments were seen either for or
> >> against it. Note that redhat has already shipped that in their various
> >> kernel security updates.  Would it make sense to merge those changes
> >> officially?
> > 
> > A different version of the fix went into the tree.
> 
> Ignore me, that was a fix for a different problem.
> 
> I was waiting for Francois to come up with a cleaner fix
> but he stopped working on it, so yes I should put in
> the fix you mention or something similar.
> 
> Neil, can you formally submit a version of the r8169
> CVE for upstream?
> 
> Thanks.
> 
Absolutley, I'll review the CVE text and my origional patch tomorrow morning,
and submit the official patch tomorrow afternoon.

Thanks!
Neil

next prev parent reply	other threads:[~2010-03-29  0:50 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20100327142100.38d21565.michael.s.gilbert@gmail.com>
     [not found] ` <20100327.103407.260084965.davem@davemloft.net>
2010-03-27 17:36   ` CVE-2009-4537 David Miller
2010-03-29  0:50     ` Neil Horman [this message]
2010-03-29  1:27       ` CVE-2009-4537 Ben Hoyt
2010-03-29  1:54         ` CVE-2009-4537 David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20100329005046.GA2157@localhost.localdomain \
    --to=nhorman@tuxdriver.com \
    --cc=davem@davemloft.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=michael.s.gilbert@gmail.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).