On Fri, 2011-01-14 at 18:35 +0100, Moritz Mühlenhoff wrote:
What shall we do with CVE-2010-4075, CVE-2010-4076, CVE-2010-4077
at this point of the freeze?
Should be fixed by d281da7ff6f70efca0553c288bb883e8605b3862
and 0587102cf9f427c185bfdeb2cef41e13ee0264b1 , but would change
the ABI.
We could postpone it to a later point update, where we change the
ABI along with more serious issues requiring an ABI bump?
I think I can see how to do this without an ABI bump:
- Add the function pointers at the end of the structures (#ifndef
__GENKSYMS__).
- Define a new flag in tty_driver::flags indicating whether
ops-get_icount is valid.
- Define a new 1-bit bitfield in struct usb_serial (#ifndef
__GENKSYMS__) indicating whether type-get_icount is valid.
I'll try to implement this now.
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
signature.asc
Description: This is a digitally signed message part