[kernel-sec-discuss] r5076 - active retired
Ben Hutchings
benh at moszumanska.debian.org
Tue Mar 14 14:29:39 UTC 2017
Author: benh
Date: 2017-03-14 14:29:39 +0000 (Tue, 14 Mar 2017)
New Revision: 5076
Added:
retired/CVE-2015-8952
Removed:
active/CVE-2015-8952
Log:
Ignore CVE-2015-8952 for jessie, and retire it
Deleted: active/CVE-2015-8952
===================================================================
--- active/CVE-2015-8952 2017-03-14 14:27:10 UTC (rev 5075)
+++ active/CVE-2015-8952 2017-03-14 14:29:39 UTC (rev 5076)
@@ -1,23 +0,0 @@
-Description:
-References:
- https://lwn.net/Articles/668718/
- https://bugzilla.redhat.com/show_bug.cgi?id=1360968
- https://bugzilla.kernel.org/show_bug.cgi?id=107301
-Notes:
- bwh> The upstream fix (rewrite of mbcache) is too intrusive to backport.
- bwh> We will mitigate this with cond_resched() as suggested in comment 1
- bwh> on the bz.k.o bug report. I don't want to add the no_mbcache mount
- bwh> option as in comment 12 - that is a uAPI extension that we would
- bwh> have to support indefinitely even though it's redundant in new kernel
- bwh> versions. An alternative would be to make ext4 avoid using mbcache
- bwh> for ceph xattrs (I have an untested patch for this).
- bwh> The problem seems to have been introduced (or exacerbated) by commit
- bwh> 1f3e55fe02d1 in 3.15, which added a retry loop in mb_cache_entry_alloc().
-Bugs:
-upstream: released (4.6-rc1) [f9a61eb4e2471c56a63cd804c7474128138c38ac, 82939d7999dfc1f1998c4b1c12e2f19edbdff272, be0726d33cb8f411945884664924bed3cb8c70ee]
-4.9-upstream-stable: N/A "Fixed before branch point"
-3.16-upstream-stable: ignored "Too intrusive to backport"
-3.2-upstream-stable: ignored "Too intrusive to backport, and seems to be minor issue"
-sid: released (4.6.1-1)
-3.16-jessie-security: needed
-3.2-wheezy-security: ignored "Too intrusive to backport, and seems to be minor issue"
Copied: retired/CVE-2015-8952 (from rev 5075, active/CVE-2015-8952)
===================================================================
--- retired/CVE-2015-8952 (rev 0)
+++ retired/CVE-2015-8952 2017-03-14 14:29:39 UTC (rev 5076)
@@ -0,0 +1,23 @@
+Description:
+References:
+ https://lwn.net/Articles/668718/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1360968
+ https://bugzilla.kernel.org/show_bug.cgi?id=107301
+Notes:
+ bwh> The upstream fix (rewrite of mbcache) is too intrusive to backport.
+ bwh> We will mitigate this with cond_resched() as suggested in comment 1
+ bwh> on the bz.k.o bug report. I don't want to add the no_mbcache mount
+ bwh> option as in comment 12 - that is a uAPI extension that we would
+ bwh> have to support indefinitely even though it's redundant in new kernel
+ bwh> versions. An alternative would be to make ext4 avoid using mbcache
+ bwh> for ceph xattrs (I have an untested patch for this).
+ bwh> The problem seems to have been introduced (or exacerbated) by commit
+ bwh> 1f3e55fe02d1 in 3.15, which added a retry loop in mb_cache_entry_alloc().
+Bugs:
+upstream: released (4.6-rc1) [f9a61eb4e2471c56a63cd804c7474128138c38ac, 82939d7999dfc1f1998c4b1c12e2f19edbdff272, be0726d33cb8f411945884664924bed3cb8c70ee]
+4.9-upstream-stable: N/A "Fixed before branch point"
+3.16-upstream-stable: ignored "Too intrusive to backport"
+3.2-upstream-stable: ignored "Too intrusive to backport, and seems to be minor issue"
+sid: released (4.6.1-1)
+3.16-jessie-security: ignored "Too intrusive to backport, but will be mitigated"
+3.2-wheezy-security: ignored "Too intrusive to backport, and seems to be minor issue"
More information about the kernel-sec-discuss
mailing list