Re: CVE request: kernel: connector security bypass

[Josh Bressers <bressers () redhat com>]

----- "dann frazier" <dannf () dannf org> wrote:
> Debian provides an out-of-tree drbd module (drbd8), and it appears to
> be affected by this issue as well. I assume we need to allocate an
> additional CVE ID for it?
>
> Here's a link to the upstream fix:
> http://git.drbd.org/?p=drbd-8.3.git;a=commitdiff;h=71915b0d267392c77fe0ae2309535333026cef66
>
> The in-tree version that got merged for 2.6.33 looks fine.

Please use CVE-2010-0747 for this module (drbd8).

-- 
    JB