On Tue, Jun 29, 2021 at 01:06:00PM -0700, Anil Altinay wrote:
Hi,
I realized that this cve( https://www.openwall.com/lists/oss-security/2021/03/23/2 ) is not in the 4.19 tree but the commits introduced the vulnerability before 4.19. Is there any reason that the fix was not cherry-picked to 4.19?
Backport wasn't trivial, and no one seemed to care enough about 4.19. Feel free to backport the fix and send it out for review.