Re: [v0.9.12-maint 0/8] Backport changes for CVE-2013-6458 to v0.9.12-maint

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 15, 2014 at 01:47:48PM -0700, Eric Blake wrote:
> On 01/15/2014 01:43 PM, Eric Blake wrote:
> > On 01/11/2014 07:27 AM, Guido Günther wrote:
> >> Hi,
> >> attached patches backport the fixes for CVE-2013-6458 to v0.9.12-maint. I
> >> decided to cherry-pick the introduction of VIR_STRDUP and virReportError
> >> as well to ease backporting of future fixes. I'd be happy about any review.
> > 
> > Looks correct to me.  I'll let you push to 0.9.12-maint since you
> > already did that work; I already pushed to all the branches 0.10.2 and
> > later.  When porting to 0.10.2, I chose to just inline the call to
> > strdup() instead of backporting VIR_STRDUP, for fewer patches but more
> > conflict resolution; but either approach seems acceptable.
> 
> Oh, and I also pushed the two patches for CVE-2014-1447 to all branches
> back to 0.10.2.  Since that also exists in 0.9.8, you'll want to include
> those two patches in your push to 0.9.12.  There's a conflict resolution
> needed in the first of the two patches, if you want to borrow from
> 0.10.2-maint.

I've cherry-picked these too and will tag a 0.9.12.3 during the next
days. Thanks a lot!
 -- Guido

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list





[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]