| |||||||||||||
Stable kernel 2.6.32.8Stable kernel 2.6.32.8Posted Feb 11, 2010 13:46 UTC (Thu) by tao (subscriber, #17563)In reply to: Stable kernel 2.6.32.8 by spender Parent article: Stable kernel 2.6.32.8
"While we're on the topic of fixing security bugs though, one security vulnerability that
wasn't fixed in 2.6.32.8 was the move_pages() infoleak, which affects kernels >= 2.6.18. If you're running RHEL 5.4 x64, you're vulnerable to the infoleak, which unlike the recent leaks of tiny amounts, involves a leak within a 512MB range. It was posted to oss-sec 3 days prior to the release of 2.6.32.8, and the fix was a trivial 2 lines."
And was your trivial 2 line fix merged in the 2.6.33-tree (reasonably early) before the release
(Log in to post comments)
Stable kernel 2.6.32.8 Posted Feb 11, 2010 23:58 UTC (Thu) by nix (subscriber, #2304) [Link]
3 days prior to the release of 2.6.32.8 seems to me likely to be after the
three-day-long review period for 2.6.32.8 started. Patches don't normally land in a given stable release after the review period starts for that release unless specifically requested.
Stable kernel 2.6.32.8 Posted Feb 15, 2010 15:50 UTC (Mon) by BenHutchings (subscriber, #37955) [Link]
It does happen occasionally, e.g. if a reviewer points out a dependency of another patch, but in general you are right.
|
|||||||||||||