Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4DABB470.7060407@redhat.com>
Date: Mon, 18 Apr 2011 11:48:00 +0800
From: Eugene Teo <eugene@...hat.com>
To: oss-security@...ts.openwall.com
CC: akuster <akuster@...sta.com>, Josh Bressers <bressers@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: kernel: a collection of world-writable
 debugfs bugs

On 04/16/2011 03:51 AM, akuster wrote:
>
> Does affected code have to be in the main K.O repo or can it be in any
> of the other git kernel repos to get a CVE #?
>
> We have least one product possible affected in
> arch/arm/mach-omap2/debobs.c but this file does not exist in K.O, maybe
> somewhere else (our paper trail on this is coming up cold so I don't
> know where is came from).

The affected code need not be in the mainline kernel. You may request a 
name even if it only affects the version of kernel as shipped by mvista.

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.