Hi Zhenhua, These patches are fixed by community and published/discussed in the oss-security mailing list (http://www.openwall.com/lists/oss-security/2014/06/). These are normally fixed in the "git.kernel.org" later version and we try to backport them to the kernel versions we are using (e.g. meta-fsl-pps layer which is using 3.8.13 kernel).
If we find the bug at Enea and fix it, we will send the patch to the relevant kernel mailing list. Best regards Sona -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: den 7 juli 2014 05:56 To: Sona Sarmadi; Otavio Salvador Cc: [email protected]; [email protected] Subject: RE: [meta-freescale] security patches in the Linux kernel Hello Sona, > -----Original Message----- > From: Sona Sarmadi [mailto:[email protected]] > Sent: Thursday, July 03, 2014 10:56 PM > > Some background: > > We scan oss-security public mailing list > ([email protected]) and other reliable open source > mailing lists. Whenever a vulnerability (e.g. CVE-2014-4667 Linux > kernel: sctp: sk_ack_backlog wrap-around > problem) gets published/announced on these lists, we try to apply the > patch in all Linux kernels (or other open source packages) in our > distribution and run some tests. We want to help the community and > contribute back the results of our work, that is why we want to apply > patches in the vendor-layer (e.g met-fsl-ppc) so others can get the > security fixes without extra work. [Luo Zhenhua-B19537] It is great to apply such security patches in ppc layer to ensure community users can use them. Will those patches go to kernel opensource git repository or only maintained separately by community? If the latter, I think patches rework might be needed along with kernel(or other OS package) upgrade. Best Regards, Zhenhua > > BR - Sona > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Otavio Salvador > Sent: den 3 juli 2014 14:09 > To: [email protected] > Cc: Sona Sarmadi; [email protected]; meta- > [email protected] > Subject: Re: [meta-freescale] security patches in the Linux kernel > > On Thu, Jul 3, 2014 at 3:44 AM, [email protected] > <[email protected]> wrote: > > Except what Otavio mentioned(send the Yocto patches to > > meta-freescale > maillist). It will be great if those patches can be sent to kernel > upstream(http://patchwork.ozlabs.org/project/linuxppc-dev/list/) directly. > > Sure but these are two parallel actions. Adding them to Yocto Project > BSP and getting those merged upstream. > > -- > Otavio Salvador O.S. Systems > http://www.ossystems.com.br http://code.ossystems.com.br > Mobile: +55 (53) 9981-7854 Mobile: +1 (347) 903-9750 -- _______________________________________________ meta-freescale mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-freescale
