On Wed, Oct 02, 2024 at 05:05:51PM +0200, Vegard Nossum wrote:
Hi,
We noticed some cases where a mainline commit that fixes a CVE has a Fixes: tag pointing to a commit that has been backported to 6.6 but where the fix is not present.
Harshit and I have backported some of these patches.
We are not subsystem experts and that's why we have marked this series as RFC -- any review or feedback is welcome. We've tried to document the conflicts and their causes in the changelogs. We haven't done targeted testing beyond our usual stable tests, but this includes for example the netfilter test suite, which did not show any new failures.
Greg: feel free to take these patches or leave it as you want. Conflict resolution always comes with the risk of missing something and we want to be up-front about that. On the other hand, these were identified as CVE fixes so presumably we're not the only ones who want them.
I've taken the ones that were not already in the stable queues, thanks for the backports!
greg k-h