On Tue, Jun 04, 2019 at 09:52:35AM +0200, Greg KH wrote:
> On Mon, Jun 03, 2019 at 10:31:15AM -0700, Zubin Mithra wrote:
> > Hello,
> >
> > CVE-2019-12378 was fixed in the upstream linux kernel with the following commit.
> > * 95baa60a0da8 ("ipv6_sockglue: Fix a missing-check bug in ip6_ra_control()")
>
> A CVE was created for that tiny thing?
>
> Hah, no, I think I'll refuse to apply it just for the very point of it.
> That's something that can not be triggered by normal operations, right?
> It's a bugfix-for-the-theoritical from what I can see...
>
> > Could the patch be applied to v4.19.y, v4.14.y, v4.9.y and v4.4.y?
>
> Why are you ignoring 5.1?
Also, stable networking patches need to come from the networking
maintainer, as the documentation states, so I shouldn't be applying this
directly anyway. If Dave thinks it is worth to backport, I'll gladly
apply it from his submissions, so you need to convince him, not me.
thanks,
greg k-h
