oss-sec mailing list archives
Re: CVE split and a missed file
From: P J P <ppandit () redhat com>
Date: Thu, 9 Jan 2014 16:52:57 +0530 (IST)
+-- On Wed, 8 Jan 2014, cve-assign () mitre org wrote --+ | The CVEs are about vulnerability fixes, and don't necessarily capture | all of the information that would be used in integrating the patches | into one's own kernel build tree. For example, a file can be changed | in order to be compatible with a vulnerability fix that affects | interaction between functions, or a file can be changed so that its | code executes faster after a vulnerability fix. Agreed. But then do these files need CVE? (just checking) -> net/ax25/af_ax25.c -> net/rose/af_rose.c -> net/compat.c -> net/socket.c -> net/rxrpc/ar-recvmsg.c Thank you. -- Prasad J Pandit / Red Hat Security Response Team
Current thread:
- CVE split and a missed file P J P (Jan 06)
- Re: CVE split and a missed file P J P (Jan 07)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file P J P (Jan 09)
- RE: CVE split and a missed file Christey, Steven M. (Jan 09)
- Re: CVE split and a missed file cve-assign (Jan 09)
- Re: CVE split and a missed file cve-assign (Jan 08)
- Re: CVE split and a missed file P J P (Jan 07)
- Re: CVE split and a missed file cve-assign (Jan 08)