CVE fixes in kernel-3.16.7-200.fc20
Josh Boyer
jwboyer at fedoraproject.org
Fri Oct 31 11:33:54 UTC 2014
On Fri, Oct 31, 2014 at 06:09:13AM +0100, Reindl Harald wrote:
> i wonder if 3.16.7 contains all the 3.16.3 CVE-fixes from
> https://koji.fedoraproject.org/koji/buildinfo?buildID=587751 and the
> previous 3.16.6 ones from Fedora because
> https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.7 dont
> mention them?
They weren't added upstream, which is why the upstream ChangeLog doesn't
list them. Sometimes the CVE information for a patch isn't listed there
anyway. They're still in the Fedora kernel build of the same as
add-on patches. This happens quite frequently.
josh
More information about the kernel
mailing list