On 11/09/2010 04:51 AM, Markus Armbruster wrote:
Gleb Natapov<g...@redhat.com> writes:
On Tue, Nov 09, 2010 at 11:16:43AM +0100, Markus Armbruster wrote:
Gleb Natapov<g...@redhat.com> writes:
On Tue, Nov 09, 2010 at 10:30:54AM +0100, Markus Armbruster wrote:
Gleb Natapov<g...@redhat.com> writes:
Properly check array bounds before accessing array element.
Impact?
Gapping security hole for those unfortunate enough to use usb-net?
Doesn't that bit of information belong in the commit message.
Some people prefer not to put such information into commit message.
Correct, but does "some people" include the QEMU maintainers? Anthony?
I don't have a strong opinion either way. If there's a CVE, I'd prefer
the CVE number was prominent in the commit log but other than that, I'd
leave it to the author's discretion.
Regards,
Anthony Liguori
[...]
