On Tuesday, 17 October 2017 7:34 Michal Kubecek wrote:
On Monday, 16 October 2017 23:53 Larry Finger wrote:
To whom it may concern:
I call your attention to the patch in
It is a part of the fix for CVE--2017-13080.
Thank you for the warning. I don't know the whole context so I would
like to ask how urgent the issue is. In particular, is it OK to wait
for the resolution of this comment
or would it make sense to add the patch now (either with memcmp() or
with crypto_memneq()) and update later?
OK, so it didn't take too long:
Sounds quite convincing to me.
To unsubscribe, e-mail: opensuse-kernel+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kernel+owner(a)opensuse.org