Date: Thu, 19 Mar 2009 11:03:03 -0400 From: "Michael K. Johnson" <johnsonm@...th.com> To: oss-security@...ts.openwall.com Cc: "Steven M. Christey" <coley@...us.mitre.org> Subject: Re: CVE request: kernel: inotify local DoS On Thu, Mar 19, 2009 at 02:27:36PM +0800, Eugene Teo wrote: > On Thu, Mar 19, 2009 at 1:41 AM, Michael K. Johnson <johnsonm@...th.com> wrote: > > On Tue, Mar 17, 2009 at 08:39:33PM -0400, Steven M. Christey wrote: > [...] > > In the 2.6.27.y stable releases, this affects 184.108.40.206 and earlier. > > In the 2.6.28.y stable releases, this affects 220.127.116.11 and earlier. > > The problem occurs between upstream commits 16dbc6c96163 and 3632dee2f8b8. Thanks, Eugene! More interpretation for those looking at various kernel versions for those changes: 16dbc6c96163 was introduced between 2.6.27-rc8 and 2.6.27-rc9, so 2.6.26 and earlier are not affected. The change represented by 16dbc6c96163 was also not imported into the 2.6.26.y stable release tree during its lifetime, so no 2.6.26.y releases are affected either.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.