Fix for CVE-2016-7097 missing from linux-4.1.y

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jan

You are the author of commit 073931017b49 ("posix_acl: Clear SGID bit when setting file permissions") which has been identified to resolve CVE-2016-7097, but is missing from linux-4.1.y.

If you believe this commit should be part of linux-4.1.y can you please reply with your approval for its inclusion?

Thanks!
Josh

P.S.: This is my first attempt at trying to make sure all known CVE fixes are in the stable kernels. After a discussion with Sasha at Plumbers I'd like to start doing this on a regular basis. Any feedback here is welcome.

---
Full list of CVEs associated with 4.1.y can be found here:
http://joshuahunt.github.io/cve-tracker/linux-4.1.y-stable-cve-list.html

--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]