On Thu, 2013-03-21 at 18:28 +0200, Michael S. Tsirkin wrote:

On Thu, Mar 21, 2013 at 04:23:48PM +0000, Ben Hutchings wrote:

quoted

On Thu, 2013-03-21 at 08:02 +0200, Michael S. Tsirkin wrote:

quoted

On Sun, Mar 17, 2013 at 02:29:55PM -0400, David Miller wrote:

quoted

From: "Michael S. Tsirkin" <mst@redhat.com>
Date: Sun, 17 Mar 2013 14:46:09 +0200

quoted

ubuf info allocator uses guest controlled head as an index,
so a malicious guest could put the same head entry in the ring twice,
and we will get two callbacks on the same value.
To fix use upend_idx which is guaranteed to be unique.

Reported-by: Rusty Russell <redacted>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Applied and queued up for -stable, thanks.

And thankfully you got the stable URL wrong,

Yes I wrote stable@kernel.org that's what an old copy
says here:
https://www.kernel.org/doc/Documentation/stable_kernel_rules.txt

I should have known better than look at it on the 'net.  The top
'Everything you ever wanted to know about Linux 2.6 -stable releases.'
is a big hint that it's stale.
Any idea who maintains this? Better update it or remove it or redirect to git.

Rob Landley maintains it, but he's been having trouble updating it since
all the upload mechanisms were changed on kernel.org.

(My stable maintenance scripts still match the old address, anyway.  Not
sure about Greg's.)

Ben.

I hope you mean it will match both the old and the new address?

Yes, of course!

Ben.

-- 
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.