planned 2.6.35.x -stable release for critical x86-64vulnerabilities ?

[Mathieu Desnoyers]

Hi Greg,

Sorry to have to ask this, but I was wondering about the ETA for the next round
of -stable releases including fixes for the following bugs that seems to be
actively exploited in the wild
(http://blog.iweb.com/en/2010/09/64bits-linux-important-security-vulnerability-identified/5437.html
http://isc.sans.edu/diary.html?storyid=9574):

CVE-2010-3081 (fixed by upstream
commit c41d68a513c71e35a14f66d71782d27a79a81ea6)
"compat: Make compat_alloc_user_space() incorporate the access_ok()"

and
CVE-2010-3301 (fixed by upstream
commit 36d001c70d8a0144ac1d038f6876c484849a74de
"x86-64, compat: Test %rax for the syscall number, not %eax"
and
commit
commit eefdca043e8391dcd719711716492063030b55ac
"x86-64, compat: Retruncate rax after ia32 syscall entry tracing")

I'd like to rebase the LTTng tree on top of -stable as soon as it incorporates
these fixes. I could just pull the fixes in my own tree, but this would be
duplicated effort.

Again, sorry for the hassle, but I feel these bugs require immediate attention.

Thanks,

Mathieu

-- 
Mathieu Desnoyers
Operating System Efficiency R&D Consultant
EfficiOS Inc.
http://www.efficios.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/