Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 11 Jun 2016 07:56:27 +0200
From: Willy Tarreau <w@....eu>
To: John Johansen <john.johansen@...onical.com>
Cc: oss-security@...ts.openwall.com, Jann Horn <jannh@...gle.com>,
        Tyler Hicks <tyhicks@...onical.com>,
        "security@...nel.org" <security@...nel.org>
Subject: Re: [vs-plain] Linux kernel stack overflow via ecryptfs and
 /proc/$pid/environ

John, Jann,

On Fri, Jun 10, 2016 at 02:46:23PM -0700, John Johansen wrote:
> The flaw in eCryptfs was assigned CVE-2016-1583.
> 
> If backporting these patches to kernels pre 4.6 you may need to
> cherry-pick patch 6a480a7842545ec520a91730209ec0bae41694c1

In the future, please add such precious information to the relevant
commit message, because it significantly helps doing backports and
everyone does not necessarily read a security list archives at the
same time.

Thanks!
Willy

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ