APPLIED: [CVE-2011-1493] rose networking validation issues
Tim Gardner
tim.gardner at canonical.com
Thu Jul 28 13:16:13 UTC 2011
On 07/28/2011 04:05 AM, Andy Whitcroft wrote:
> CVE-2011-1493
> Bugs in both facilities parsing and in request validation can
> lead to heap corruption.
>
> The fixes for this are in oneiric via mainline and one of the two fixes has
> hit lucid and later via stable updates. Following this email are patch
> sets for all of the remaining affected branches. All of the patches
> except for hardy 3/3 are cherry-picks from mainline, hardy 3/3 is a
> trivial backport. There is a small preparitory cleanup patch included
> in some sets to simplify the port. I am including all of the sets as
> they nearly all differ in patch combinations.
>
> Note that from a review point of view, except for hardy 3/3, where a patch
> appears in more than one set the patch is an identicle change in all sets.
>
> Proposing for hardy, lucid, lucid/fsl-imx51, maverick/ti-omap4, natty,
> and natty/ti-omap4.
>
> -apw
>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list