On 17/11/2022 01.32, Fabio Estevam wrote: > On Mon, Nov 14, 2022 at 10:04 AM Tom Rini <tr...@konsulko.com> wrote: >> >> On Mon, Nov 14, 2022 at 10:35:51AM +0100, Rasmus Villemoes wrote: >>> On 14/10/2022 19.43, Rasmus Villemoes wrote: >>>> tl;dr: b85d130ea0ca didn't fix the CVE(s), but did break tftp of >>>> certain file sizes - which is somewhat lucky, since that's how I >>>> noticed in the first place. >>>> >>> >>> At this point it seems unlikely that any more comments or reviews will >>> come, so perhaps its time to get these (all 7) merged to master, so that >>> they will get some wider testing before the January release? >> >> Yes, I'd like to see a net PR with this and perhaps a few other mature >> things? > > Ramon, Joe?
Ping. If those two CVEs and the tftp brokenness are to get fixed in 2023.01, now is the time to pull in these patches, or provide a viable alternative.
