oss-sec mailing list archives

Re: CVE request - Linux kernel: VFAT slab-based buffer overflow

From: Yves-Alexis Perez <corsac () debian org>
Date: Wed, 27 Feb 2013 22:26:16 +0100

On mer., 2013-02-27 at 10:05 -0800, Greg KH wrote:

Yes, I need someone to actually do this.  There used to be a Red Hat
security team member that did this, or so I thought.  What happened to
that process?  I'll ask on security () kernel org if someone wants to
volunteer to do this, but if not, are you, or anyone else you
know/trust
willing to do so?


And do you think it'd be possible to have the same kind of notifications
for (know security) issues not on security@k.o but committed to the
tree? As I understand it networking subsystem patches don't go through
security@k.o so for example I guess the sock_diag_handlers[] one didn't
go through security@k.o but was still identified (at least for some
people) as a security commit?

Regards,
-- 
Yves-Alexis

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow), (continued)
- - - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 03)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 04)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Greg KH (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Kurt Seifried (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 04)
    - Re: handling of Linux kernel vulnerabilities Noel Butler (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Solar Designer (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Alton Moore (Mar 05)
    - Re: handling of Linux kernel vulnerabilities (was: CVE request - Linux kernel: VFAT slab-based buffer overflow) Eric Lacombe (Mar 05)
    - Re: handling of Linux kernel vulnerabilities Andreas Ericsson (Mar 04)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Greg KH (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Kurt Seifried (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jiri Kosina (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Daniel Kahn Gillmor (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Yves-Alexis Perez (Mar 01)
    - Re: CVE request - Linux kernel: VFAT slab-based buffer overflow Jason A. Donenfeld (Feb 27)

(Thread continues...)