[A][PATCH 0/1] CVE-2018-1068
Andy Whitcroft
apw at canonical.com
Mon May 14 09:40:10 UTC 2018
On Mon, May 14, 2018 at 01:41:27AM -0400, Khalid Elmously wrote:
> CVE matrix shows this fix as needed for T/X/A/B/C. However the fix is
> already part of linux-stable 4.4.122 (so T/X have it) and linux-stable
> 4.15.10 (so B/C have it). So only needed in A.
Ok this indicated an autotriager flaw. It is worth bringing these to my
attention sooner rather than later so they can be investigated. I have
looked at the flaw and this is related to a new odd markup combination
coming from the security team where they are using upstream: and break-fix:
together (they are nominally mutually exclusive) and now using different
upstream repositories for linus' tree. I have generalised the handling
for this situation and it is now resolved and the CVE matrix should
again show the truth.
I am slightly confused by your contention that T is not-affected as 4.4.122
has the fix; yes the hwe kernel is covered but the trusty GA kernel would
need separate handling. The newly minted matrix output tends to confirm
this contention.
-apw
>
>
> Florian Westphal (1):
> netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
>
> net/bridge/netfilter/ebtables.c | 13 ++++++++++++-
> 1 file changed, 12 insertions(+), 1 deletion(-)
>
> --
> 2.17.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list