← Back to context

Comment by mirchibajji

4 years ago

Can you point to this please? From my reading, it appears that their earlier patches were merged, but there is no mention of them being actual vulnerabilities. The lkml thread does mention they want to revert these patches, just in case.

5 comments

mirchibajji

Reply
lb7000  4 years ago

From LKML

"A lot of these have already reached the stable trees. I can send you revert patches for stable by the end of today (if your scripts have not already done it)."

https://lore.kernel.org/linux-nfs/YH%2F8jcoC1ffuksrf@kroah.c...

  • PeterisP  4 years ago

    It's not saying that those are introduced bugs; IMHO they're just proactively reverting all commits from these people.

    • capybara_2020  4 years ago

      > > > They introduce kernel bugs on purpose. Yesterday, I took a look on 4 > > > accepted patches from Aditya and 3 of them added various severity security > > > "holes".

      It looks like actual security vulnerabilities were successfully added to the stable branch based on that comment.

    • lfc07  4 years ago

      Yes because the UMN guys have made their intent clear, and even went on to defend their actions. They should have apologised and asked for reverting their patches.

    • remexre  4 years ago

      Which kind of sucks for everyone else at UMN, including people who are submitting actual security fixes...