On Tue, Oct 22, 2013 at 10:45:45AM -0700, Eric W. Biederman wrote: > Luis Henriques <luis.henriques@xxxxxxxxxxxxx> writes: > > > On Thu, Apr 11, 2013 at 04:26:52PM -0400, Steven Rostedt wrote: > >> 3.6.11.2 stable review patch. > >> If anyone has any objections, please let me know. > >> > >> ------------------ > >> > >> From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > >> > >> [ Upstream commit 3151527ee007b73a0ebd296010f1c0454a919c7d ] > > > > While looking at some security bugs, I came across this one > > (CVE-2013-1956). All the references I could find refer to the 3.8 > > kernel only, and this was the only backport I could find to older > > stable kernels. > > > > Could someone clarify if this fix should be included in other stable > > kernels? Or the only affected kernels were the 3.8.0 to 3.8.5? > > Strictly speaking there are older kernels affected. I think it was 3.5 > that had my earliest user namespace bits, and this bug came in with the > first of those bits. However prior to 3.8 simply not enough things were > converted for most people to build a kernel with user namespaces > enabled. I don't think distro's will have user namespaces enabled prior > to 3.12 as that is when xfs the last hold out was finally converted. > > Eric That makes perfect sense to me. Thanks a lot for the clarification, Eric. Cheers, -- Luis -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html