From: "Petter Mabäcker" <petter@technux.se>
To: Marko Lindqvist <cazfi74@gmail.com>
Cc: Openembedded core <openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 1/3] readline: Security Advisory - readline - CVE-2014-2524
Date: Fri, 09 Oct 2015 08:53:02 +0200 [thread overview]
Message-ID: <0299971cf181f7c7cfbf7e7749295540@technux.se> (raw)
In-Reply-To: <CAF6bG8eud0qLNLaqNtBVVgyff8iiSp=g1DsFUh6Sk-ECQthvvA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1524 bytes --]
2015-10-08 06:31 skrev Marko Lindqvist:
> On 6 October 2015 at
17:08, Burton, Ross <ross.burton@intel.com> wrote:
>
>> On 6 October
2015 at 14:43, Petter Mabäcker <petter@technux.se> wrote:
>>
>>>
Great. As you will notice also when formatted properly it will not apply
due to that readline63-001 and readline63-002 isn't applied so
'patchlevel' is incorrect. That makes me wondering what the patching
strategy is? In my opinion we should consider adding the official
readline-6.3 patches as well. Should I add a bug report for that or
leave it as is (depending on the strategy...)?
>> Adding the rest of the
patches would have been a sensible thing to do. Right now, we're frozen
as we're about to release 2.0, but a bug or patches post-release would
be much appreciated. Ross
>
> The strategy I introduced in
30a38ea1ee933fb134a5ee9000298703cab93692
> was not to add the patches,
but to fetch them as upstream source.
> That was dropped when readline
was updated to 6.3 (maybe there was no
> patches for it at the time):
>
66bc6f4127e88db18e260c71d181aecfd58c7999
>
> - ML
Hello Marko,
When
looking at the dates for the 6.3 integration my guess is that no patches
existed for 6.3 yet (compared to the dates for the patches..). I will
give it a try to use your 5.2 strategy when applying the 6.3 patches to
make it looks the same for both versions. Thanks for pointing this out!
BR Petter
Petter Mabäcker
Technux
<petter@technux.se>
www.technux.se
[-- Attachment #2: Type: text/html, Size: 2269 bytes --]
next prev parent reply other threads:[~2015-10-09 6:53 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-16 9:48 [PATCH 0/3] CVE fixes of package readline and gnupg Kai Kang
2014-10-16 9:48 ` [PATCH 1/3] readline: Security Advisory - readline - CVE-2014-2524 Kai Kang
2014-10-16 11:20 ` Burton, Ross
2014-10-16 21:31 ` Burton, Ross
2014-10-20 3:15 ` Kang Kai
2014-10-20 6:00 ` Kang Kai
2015-10-06 8:11 ` Petter Mabäcker
2015-10-06 10:06 ` Burton, Ross
2015-10-06 11:23 ` Petter Mabäcker
2015-10-06 12:58 ` Burton, Ross
2015-10-06 13:43 ` Petter Mabäcker
2015-10-06 14:08 ` Burton, Ross
2015-10-06 15:30 ` Petter Mabäcker
2015-10-08 2:13 ` Kang Kai
2015-10-09 7:14 ` Petter Mabäcker
2015-10-08 4:31 ` Marko Lindqvist
2015-10-09 6:53 ` Petter Mabäcker [this message]
2014-10-16 9:48 ` [PATCH 2/3] gnupg: CVE-2013-4242 Kai Kang
2014-10-16 9:48 ` [PATCH 3/3] gnupg_1.4.7: add package config libusb Kai Kang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0299971cf181f7c7cfbf7e7749295540@technux.se \
--to=petter@technux.se \
--cc=cazfi74@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox