On Mon, Jun 03, 2019 at 10:31:15AM -0700, Zubin Mithra wrote:
> Hello,
>
> CVE-2019-12378 was fixed in the upstream linux kernel with the following commit.
> * 95baa60a0da8 ("ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()")
A CVE was created for that tiny thing?
Hah, no, I think I'll refuse to apply it just for the very point of it.
That's something that can not be triggered by normal operations, right?
It's a bugfix-for-the-theoritical from what I can see...
> Could the patch be applied to v4.19.y, v4.14.y, v4.9.y and v4.4.y?
Why are you ignoring 5.1?
thanks,
greg k-h
