|
From: | Peter Maydell |
Subject: | Re: [Qemu-stable] [Qemu-devel] [PATCH 00/23] qemu state loading issues |
Date: | Tue, 3 Dec 2013 18:24:24 +0000 |
On 3 December 2013 16:28, Michael S. Tsirkin <address@hidden> wrote: > For example: > > https://bugzilla.redhat.com/show_bug.cgi?id=588133#c8 > https://bugzilla.redhat.com/show_bug.cgi?id=588133#c9 I get "not authorized" errors on both of those. > This patchset is the result of that audit: it addresses this set of > security issues by adding input validation and failing migration on > invalid input. I notice that some but not all of these patches have CVE numbers in the commit messages -- what's the distinction that meant some of them get CVEs and some don't? thanks -- PMM
[Prev in Thread] | Current Thread | [Next in Thread] |