Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17

2014-10-01 Thread Julien Pauli
On Fri, Sep 26, 2014 at 10:09 AM, Stas Malyshev wrote:
> Hi!
>
>> In released 5.4.33 (and 5.5.17) you have 6569db8 + 84a4041 + 32be79d
>> (notice I have reverted these 3 patches for downstream)
>>
>> In 5.4/5.5/5.6 you have 6569db8 + 84a4041 + 32be79d + f86b219 + 3728449
>> (all reverted in 5.6.1)
>

Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17

2014-09-26 Thread Stas Malyshev
Hi!

> In released 5.4.33 (and 5.5.17) you have 6569db8 + 84a4041 + 32be79d
> (notice I have reverted these 3 patches for downstream)
>
> In 5.4/5.5/5.6 you have 6569db8 + 84a4041 + 32be79d + f86b219 + 3728449
> (all reverted in 5.6.1)
>
> As you said, "5.4 is now supposed to be security-only

Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17

2014-09-25 Thread Stas Malyshev
Hi!

> As you said, "5.4 is now supposed to be security-only" so I rather
> think we should revert to 5.4.32 code and have the upcoming fix only
> in 5.5+ (so in 5.5.18RC and 5.6.2RC)

OK, I'll revert it then to 5.4.32 state tomorrow. But the problem is up-merging it - are there any fixes already c

Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17

2014-09-25 Thread Remi Collet
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 25/09/2014 09:00, Stas Malyshev wrote:
> Hi!

Hi,

>> After a quick check

Too quick, I missed 84a4041 ;)

>> 6569db8 and 32be79d are in 5.4.33 / 5.5.17 / 5.6.1RC1 f86b219
>> and 3728449 are in 5.6.1RC1 only
>
> So, for 5.4 should we revert 6569db

Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17

2014-09-25 Thread Stas Malyshev
Hi!

> After a quick check
>
> 6569db8 and 32be79d are in 5.4.33 / 5.5.17 / 5.6.1RC1
> f86b219 and 3728449 are in 5.6.1RC1 only

So, for 5.4 should we revert 6569db8 and 32be79d then? What about upmerging to 5.5? What about f86b2193, should this be reverted too? I'm feeling I don't understand what

Re: [PHP-DEV] Re: OpenSSL bug in 5.4.33 and 5.5.17

2014-09-22 Thread Julien Pauli
On Fri, Sep 19, 2014 at 6:49 PM, Remi Collet wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 19/09/2014 18:25, Daniel Lowrey wrote:
>> In an effort to fix a very old (seven years old) DoS vulnerability involving encrypted streams I created a regression where feof() n