Re: [PATCH 4.4 0/4] CVE fixes for 4.4
From: Juerg Haefliger
Date: Wed Sep 07 2016 - 06:50:23 EST
Hi Greg,
Did you have a chance to look at the below 4 patches?
Did I do something wrong when submitting them or are there other reasons not to include them in the
4.4 kernel?
Btw, they still apply on top of 4.4.20.
Thanks
...Juerg
On 08/29/2016 03:38 PM, Juerg Haefliger wrote:
> This patch series fixes the following CVEs in the 4.4 kernel:
> - CVE-2016-0758
> - CVE-2016-5243
> - CVE-2016-5244
> - CVE-2016-6130
>
> David Howells (1):
> KEYS: Fix ASN.1 indefinite length object parsing
>
> Kangjie Lu (2):
> tipc: fix an infoleak in tipc_nl_compat_link_dump
> rds: fix an infoleak in rds_inc_info_copy
>
> Martin Schwidefsky (1):
> s390/sclp_ctl: fix potential information leak with /dev/sclp
>
> drivers/s390/char/sclp_ctl.c | 12 +++++++-----
> lib/asn1_decoder.c | 16 +++++++++-------
> net/rds/recv.c | 2 ++
> net/tipc/netlink_compat.c | 3 ++-
> 4 files changed, 20 insertions(+), 13 deletions(-)
>
--
Juerg Haefliger
Hewlett Packard Enterprise
Attachment:
signature.asc
Description: OpenPGP digital signature