Re: [PATCH 4.4 0/4] CVE fixes for 4.4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Greg,

Did you have a chance to look at the below 4 patches?

Did I do something wrong when submitting them or are there other reasons not to include them in the
4.4 kernel?

Btw, they still apply on top of 4.4.20.

Thanks
...Juerg


On 08/29/2016 03:38 PM, Juerg Haefliger wrote:
> This patch series fixes the following CVEs in the 4.4 kernel:
>   - CVE-2016-0758
>   - CVE-2016-5243
>   - CVE-2016-5244
>   - CVE-2016-6130
> 
> David Howells (1):
>   KEYS: Fix ASN.1 indefinite length object parsing
> 
> Kangjie Lu (2):
>   tipc: fix an infoleak in tipc_nl_compat_link_dump
>   rds: fix an infoleak in rds_inc_info_copy
> 
> Martin Schwidefsky (1):
>   s390/sclp_ctl: fix potential information leak with /dev/sclp
> 
>  drivers/s390/char/sclp_ctl.c | 12 +++++++-----
>  lib/asn1_decoder.c           | 16 +++++++++-------
>  net/rds/recv.c               |  2 ++
>  net/tipc/netlink_compat.c    |  3 ++-
>  4 files changed, 20 insertions(+), 13 deletions(-)
> 


-- 
Juerg Haefliger
Hewlett Packard Enterprise

Attachment: signature.asc
Description: OpenPGP digital signature


[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]