[PATCH 3.13 163/163] lzo: check for length overrun in variable length encoding.

Jiri Slaby jslaby at suse.cz
Thu Oct 16 08:10:30 UTC 2014


On 10/14/2014, 10:58 AM, Luis Henriques wrote:
> Could you please provide us with examples of commits in one of our
> extended stable trees that is not on any other public release at
> kernel.org?

Hi, from 3.12.y, for example:
commit 48e8cad86bb1241c08bdaa80db022c25068ff8e0
Author: Jiri Slaby <jslaby at suse.cz>
Date:   Mon Jul 14 15:20:17 2014 +0200

    Revert "aio: fix kernel memory disclosure in io_getevents()
introduced in v3.10"

    This reverts commit 0e2e24e5dc6eb6f0698e9dc97e652f132b885624, which
    was applied twice mistakenly. The first one is
    bee3f7b8188d4b2a5dfaeb2eb4a68d99f67daecf.


Or any other patch without the "commit upstream" line. This may also
happen where there is no way of backporting a fix to the stable tree due
to later changes. Instead, a simple fix is applied, but it has no
connection to the original commit but the reference.

thanks,
-- 
js
suse labs




More information about the kernel-team mailing list