The commit-checker missed 5caf3ae4c4bed98bd6148021e6e934d94b5dea1d (due to it accidentally claiming to be a backport of linus:272b62c1f0f6f742046e45b50b6fec98860208a0 instead of linus:b00916b189d13a615ff05c9242201135992fcda3), so CVE-2010-4655 was not shown as pending in UCT, but was correct in the changelog, so the resulting kernel is correct.
The commit-checker correctly found CVE-2011-1012 (linus:294f6cf48666825d23c9372ef37631232746e40d) which had been attributed to CVE-2011-1017 in the changelog instead of CVE-2011-1012. The fixes for CVE-2011-1017 are present also, so again, the resulting kernel is correct. I'm happy for this to move to -security when it passes QA. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4655 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1012 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1017 ** Changed in: kernel-sru-workflow/security-signoff Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/788843 Title: linux: 2.6.24-29.90 -proposed tracker -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
