[Lucid][CVE-2014-4608]PATCH 0/3] lzo: properly check for overruns
Luis Henriques
luis.henriques at canonical.com
Fri Jun 27 17:04:13 UTC 2014
On Fri, Jun 27, 2014 at 10:52:13AM -0600, Tim Gardner wrote:
> Well, I hope you got it right 'cause thats a lot of new code. Were you
> able to test it ?
>
> --
> Tim Gardner tim.gardner at canonical.com
No, I didn't tested them (other than build-testing).
I believe 2.6.32 kernels don't support lzo compressed kernels, so I
would need find some other test case for that (shouldn't be too
difficult, I guess). If you want me to test them, just NAK the Lucid
patches and I'll see what I can do to test it next week.
Anyway, lots of these changes are just moving code around and the
difference between the backports and the original commits are
virtually zero. But I share your concerns: I *really* hope I got this
right as well :-)
Cheers,
--
Luís
More information about the kernel-team
mailing list