On Thu, 2013-03-21 at 08:08 +0100, Mathias Krause wrote: > Hi Ben, > > this one might be worth backporting, too (CVE-2012-6549)?: > > commit fe685aabf7c8c9f138e5ea900954d295bf229175 > Author: Mathias Krause <minipli@xxxxxxxxxxxxxx> > Date: Thu Jul 12 08:46:54 2012 +0200 > > isofs: avoid info leak on export > > For type 1 the parent_offset member in struct isofs_fid gets copied > uninitialized to userland. Fix this by initializing it to 0. > > Signed-off-by: Mathias Krause <minipli@xxxxxxxxxxxxxx> > Signed-off-by: Jan Kara <jack@xxxxxxx> I already mentioned that, but I forgot to cc you. :-) Ben. -- Ben Hutchings It is easier to write an incorrect program than to understand a correct one.
Attachment:
signature.asc
Description: This is a digitally signed message part