[kernel-sec-discuss] r1604 - active
Michael Gilbert
michael.s.gilbert at gmail.com
Tue Nov 17 00:20:31 UTC 2009
On Mon, 16 Nov 2009 23:42:10 +0000 Moritz Muehlenhoff wrote:
> Author: jmm
> Date: 2009-11-16 23:42:10 +0000 (Mon, 16 Nov 2009)
> New Revision: 1604
>
> Modified:
> active/CVE-2009-3547
> active/CVE-2009-3612
> Log:
> record linux-2.6 fix
>
>
> Modified: active/CVE-2009-3547
> ===================================================================
> --- active/CVE-2009-3547 2009-11-16 23:41:49 UTC (rev 1603)
> +++ active/CVE-2009-3547 2009-11-16 23:42:10 UTC (rev 1604)
> @@ -16,7 +16,7 @@
> jmm> ad3960243e55320d74195fb85c975e0a8cc4466c
> Bugs:
> upstream: released (2.6.32-rc6) [ad396024]
> -linux-2.6: needed
> +linux-2.6: released (2.6.31-2)
hi, thank you for looking into this issue. however, i had just
checked the 2.6.31.6 patches a little bit ago and found that
the patches for CVE-2009-3547 are in fact not applied. you can check
2.6.31-2's fs/pipe.c yourself to see that this is the case.
you may have been mislead by the kernel package's latest changelog
entry, which is wrong.
mike
More information about the kernel-sec-discuss
mailing list