On Wed, Oct 02, 2024 at 05:05:51PM +0200, Vegard Nossum wrote: > Hi, > > We noticed some cases where a mainline commit that fixes a CVE has a > Fixes: tag pointing to a commit that has been backported to 6.6 but > where the fix is not present. > > Harshit and I have backported some of these patches. > > We are not subsystem experts and that's why we have marked this > series as RFC -- any review or feedback is welcome. We've tried to > document the conflicts and their causes in the changelogs. We haven't > done targeted testing beyond our usual stable tests, but this > includes for example the netfilter test suite, which did not show any > new failures. > > Greg: feel free to take these patches or leave it as you want. > Conflict resolution always comes with the risk of missing something > and we want to be up-front about that. On the other hand, these were > identified as CVE fixes so presumably we're not the only ones who > want them. I've taken the ones that were not already in the stable queues, thanks for the backports! greg k-h
