Date: Tue, 29 Dec 2009 10:12:55 +0800 From: Eugene Teo <eugeneteo@...nel.sg> To: oss-security@...ts.openwall.com CC: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 On 12/28/2009 03:47 PM, Eugene Teo wrote: > http://events.ccc.de/congress/2009/Fahrplan//events/3596.en.html > > In Fabian's talk, he describes two kernel NIC driver issues: > > Issue #1 > Fabian claimed that CVE-2009-1385 has an incorrect fix: > http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10. [...] > Issue #2 > The fix for CVE-2009-1389 regarding the r8169 driver introduces a > similar security problem as this: > http://git.kernel.org/linus/fdd7b4c3302c93f6833e338903ea77245eb510b4 is > a revert of this: > http://git.kernel.org/linus/126fa4b9ca5d9d7cb7d46f779ad3bd3631ca387c. Patches update can be found here: https://bugzilla.redhat.com/show_bug.cgi?id=550907#c4 Thanks, Eugene
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ