On Sun, 5 Jul 2009 22:18:31 -0400 Michael S Gilbert wrote: > On 7/5/09, Francesco Poli wrote: [...] > > http://security-tracker.debian.net/tracker/CVE-2009-0029 > > commit ??? > > applied to upstream version ??? > > see ??? > > fix present in upstream version 2.6.30: I don't know > > help! the CVE mitre page links to this lkml message from Linus > > Torvalds, who seems to discuss about some aspect, but where's > > the fix? > > http://marc.info/?l=linux-kernel&m=123155111608910&w=2 > > patches are here: https://bugzilla.redhat.com/show_bug.cgi?id=479969. > this one is a mess. it's highly likely in 2.6.30, but it's going to > take some work to confirm this. Again, should a grave bug be filed against the linux-2.6 source package, in order to prevent its migration to testing until this regression is fixed (or confirmed to be already fixed)? Are you willing to do that, or do you prefer that I file the bug by myself? [...] > thanks so much for helping out with this triage. it was imensely helpful. You're welcome! :-) I am glad this triage is considered helpful. -- New location for my website! Update your bookmarks! http://www.inventati.org/frx ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpDm1JgUGFxH.pgp
Description: PGP signature