Re: Does /dev/urandom now block until initialised ?

From: Jeffrey Walton
Date: Mon Jul 23 2018 - 12:11:16 EST

Next message: Dave Jiang: "Re: [PATCH v6 06/13] mm, dev_pagemap: Do not clear ->mapping on final put"
Previous message: stevenvandenbrandenstift: "[PATCH] sun4i: dts: add gpu node to sun4i-a10 platform"
In reply to: Theodore Y. Ts'o: "Re: Does /dev/urandom now block until initialised ?"
Next in thread: Theodore Y. Ts'o: "Re: Does /dev/urandom now block until initialised ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 23, 2018 at 11:16 AM, Theodore Y. Ts'o <tytso@xxxxxxx> wrote:
> On Mon, Jul 23, 2018 at 04:43:01AM +0100, Ken Moffat wrote:
>> ...
> One of the reasons why I didn't see the problem when I was developing
> the remediation patch for CVE-2018-1108 is because I run Debian
> testing, which doesn't have this particular Red Hat patch.

Off-topic, I'm kind of surprised it took that long to fix it (if I am
parsing things correctly).

I believe Stephan Mueller wrote up the weakness a couple of years ago.
He's the one who explained the interactions to me. Mueller was even
cited at https://github.com/systemd/systemd/issues/4167.

It is too bad he Mueller not receive credit for it in the CVE database.

Jeff

Next message: Dave Jiang: "Re: [PATCH v6 06/13] mm, dev_pagemap: Do not clear ->mapping on final put"
Previous message: stevenvandenbrandenstift: "[PATCH] sun4i: dts: add gpu node to sun4i-a10 platform"
In reply to: Theodore Y. Ts'o: "Re: Does /dev/urandom now block until initialised ?"
Next in thread: Theodore Y. Ts'o: "Re: Does /dev/urandom now block until initialised ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]