Hello, 2 commits of klibc 1.5.22 are candidates for stable fixes: * [klibc] ipconfig: comment new escape function security fix for CVE-2011-0997 type vulnerability corresponding cve requested but not yet given out. http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=46a0f831582629612f0ff9707ad1292887f26bff * [klibc] ipconfig: Only peek and discard packets from specified device. This fixes netbooting on boxes with several connected network dev. (the commit is on the largeish size, but got tested together with 1.5.20) http://git.kernel.org/?p=libs/klibc/klibc.git;a=commit;h=92823d1a78a8a6f3e7a7cc36f949ca6379c4e77c concerning oldstable only the first one should be fixed. ipconfig has deeper troubles there. if acked by SRM I'd upload a klibc-1.5.20-2 with just the 2 aboves fixes for stable and a 1.5.12-3 for oldstable with just the first fix? thanks -- maks
Attachment:
signature.asc
Description: Digital signature