On Tue, May 02, 2017 at 11:00:10AM +0930, Mike O'Connor wrote:
> On 1/05/2017 8:17 PM, Herbert Poetzl wrote:
>> On Mon, May 01, 2017 at 11:12:52AM +0930, Mike O'Connor wrote:
>>> Hi All
>> Hey Mike,
Mike,
>>> I'm running 3.18.44-vs2.3.7.5-beng which is vulnerable to
>>> CVE-2016-10229. I checked the code again the details in
>>> this link
>>> http://ewen.mcneill.gen.nz/blog/entry/2017-04-17-cve-2016-10229-msg-peek/
>>> A patch is mentioned
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=197c949e7798fbf28cfadc69d9ca0c2abbf93191
>>> and I checked the source code and the issue is there.
>>> I'm hoping that Ben can release patched kernel.
>> And patching it yourself is not an option why?
> No reason other than it would be good for everyone to
> have it and I'm not sure how to create the Deb files
> like you do.
I'm not creating any deb files, but I'm not Ben either ...
And I'm certainly not speaking for him, but I think that
if you use his packages on a regular basis and kind of
'depend' on them being up-to-date, you might consider
asking nicely for an update or maybe even donate something
to say thanks ...
All the best,
Herbert
> Regards
> Mike
Received on Tue May 2 08:24:19 2017