Re: stable-security kernel updates

From: Greg KH
Date: Thu Apr 21 2016 - 08:39:28 EST

Next message: Laurent Pinchart: "Re: [PATCH] PM / Runtime: Only force-resume device if it has been force-suspended"
Previous message: Laxman Dewangan: "[PATCH 7/7] mfd: wl1273-core: Use devm_mfd_add_devices() for mfd_device registration"
In reply to: Jiri Slaby: "Re: stable-security kernel updates"
Next in thread: Willy Tarreau: "Re: stable-security kernel updates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 21, 2016 at 02:05:41PM +0200, Jiri Slaby wrote:
> On 04/21/2016, 01:59 PM, Jiri Slaby wrote:
> >> (CVE-2016-2085) 613317b EVM: Use crypto_memneq() for digest comparisons
> >
> > Does not exist in the CVE database/is not confirmed yet AFAICS.
>
> And now I am looking at the patch and I remember why I threw it away.
> crypto_memneq is not in 3.12 yet and I was not keen enough to backport it.

Which brings up the question, Sasha, why did you think these CVEs were
relevant for 3.12? What were you basing that list on?

thanks,

greg k-h

Next message: Laurent Pinchart: "Re: [PATCH] PM / Runtime: Only force-resume device if it has been force-suspended"
Previous message: Laxman Dewangan: "[PATCH 7/7] mfd: wl1273-core: Use devm_mfd_add_devices() for mfd_device registration"
In reply to: Jiri Slaby: "Re: stable-security kernel updates"
Next in thread: Willy Tarreau: "Re: stable-security kernel updates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]