Re: stable-security kernel updates
From: Greg KH
Date: Thu Apr 21 2016 - 08:39:28 EST
On Thu, Apr 21, 2016 at 02:05:41PM +0200, Jiri Slaby wrote:
> On 04/21/2016, 01:59 PM, Jiri Slaby wrote:
> >> (CVE-2016-2085) 613317b EVM: Use crypto_memneq() for digest comparisons
> >
> > Does not exist in the CVE database/is not confirmed yet AFAICS.
>
> And now I am looking at the patch and I remember why I threw it away.
> crypto_memneq is not in 3.12 yet and I was not keen enough to backport it.
Which brings up the question, Sasha, why did you think these CVEs were
relevant for 3.12? What were you basing that list on?
thanks,
greg k-h