From: Alexander Kanavin <alexander.kanavin@linux.intel.com>
To: akuster808 <akuster808@gmail.com>,
Li Zhou <li.zhou@windriver.com>,
openembedded-core@lists.openembedded.org
Subject: Re: [PATCH] curl: Security Advisory - curl - CVE-2017-1000254
Date: Wed, 25 Oct 2017 14:18:22 +0300 [thread overview]
Message-ID: <cd317265-e904-0ed5-2bd2-c8f0e73a21d3@linux.intel.com> (raw)
In-Reply-To: <e64a026c-95dd-9ade-b274-514e7d687a7b@gmail.com>
On 10/25/2017 07:40 AM, akuster808 wrote:
>
>
> On 10/23/2017 03:29 AM, Alexander Kanavin wrote:
>> On 10/23/2017 10:44 AM, Li Zhou wrote:
>>> Porting patch from <https://github.com/curl/curl/commit/
>>> 5ff2c5ff25750aba1a8f64fbcad8e5b891512584> to solve CVE-2017-1000254.
>>
>> It's better to update to latest version (7.56) instead of backporting
>> patches, please do that.
>
> Then these should be stagged for Rocko. Work has been done.
Only if master is also fixed at the same time (or sooner) - there cannot
be a situation where something is fixed in rocko, but not in master. I'm
fine if it's via CVE backports, but I would prefer a version upgrade.
Alex
prev parent reply other threads:[~2017-10-25 11:18 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-23 7:44 [PATCH] curl: Security Advisory - curl - CVE-2017-1000254 Li Zhou
2017-10-23 10:29 ` Alexander Kanavin
2017-10-25 4:40 ` akuster808
2017-10-25 11:18 ` Alexander Kanavin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cd317265-e904-0ed5-2bd2-c8f0e73a21d3@linux.intel.com \
--to=alexander.kanavin@linux.intel.com \
--cc=akuster808@gmail.com \
--cc=li.zhou@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox