Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 13 Dec 2018 18:07:32 -0500
From: Nicholas Luedtke <nicholas.luedtke@...lumni.com>
To: oss-security@...ts.openwall.com
Subject: Re: Linux kernel: userfaultfd bypasses tmpfs file


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

We have also been compiling and presenting the CVEs on a per stream
basis at https://www.linuxkernelcves.com because the question of which
upstream stable branch to choose has been asked on a enterprise level
many times. Of course, once you choose once you still have to track the
changes (or lack there of).

- -nsl
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEuBmjxk1e65HSx2v8v5sO3DqymUgFAlwS5jQACgkQv5sO3Dqy
mUgMCRAApsDHQLfTisj7B4IQZ7oIvZCu1eW48nwTYTN+fSKOe6ocnS/hBAyPDCUk
cyCRY95qJqNYR3Vqi2kBzreXbv+m7i+Qfi6uJaBQdPVwBe2nAtgNxMBbduT6dQcR
oLwpPmZQ3deSgZG5z5BVtiDXVI93PWgqeH41oCS8Ui8ZQq1QfyGn1dmXGZUw6uK/
tZcgdUkohc57Di46U+/NIeqLQv7dp/siifq+MSI+7zikF/+cPlXd70qOAFNMxM+6
slYflxu41+LQELDepiQpRZq9HFZNrj7+9Evn3la1w8zYiuOWsKYsdb5xkOT5rkCU
c6Vo+mjOVwmdWvt3ZxbGVmbU55o76EFy/KhB0mWyzDeSV73+1kat2RR4R6BMHZdg
dvF3og5xnL+4mVeOIEoxO8EFD22051ORuyvoPvgJIk70M1uhboaGyYAA2Qs6kcI8
gPJYTg389+couSXNd9CAJ3Hv6qyHTyk93NzBG1S/RF7kKRMtfOqBFQub4EHWoGMp
xxJVgUSQUwtmTUowB9s8/W53CUeAR535dx8+tKatY3e1qOx81JzLoI+HouQ7K9XS
c6zwQ15+K+IYsCsbHG7z7saDOjxJQTRBcTSqTtyHlrDiydOkh8rj/x1V28QILqvx
C3v8LlYALivFVZXzSVe5aWbsOcCxhsfgAZEPMu+SqKTwdO1/3CA=
=MALv
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.