On Fri, Oct 31, 2014 at 06:09:13AM +0100, Reindl Harald wrote: > i wonder if 3.16.7 contains all the 3.16.3 CVE-fixes from > https://koji.fedoraproject.org/koji/buildinfo?buildID=587751 and the > previous 3.16.6 ones from Fedora because > https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.7 dont > mention them? They weren't added upstream, which is why the upstream ChangeLog doesn't list them. Sometimes the CVE information for a patch isn't listed there anyway. They're still in the Fedora kernel build of the same as add-on patches. This happens quite frequently. josh _______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
