Date: Mon, 24 Apr 2023 16:18:00 -0700
From: Cy Schubert <Cy.Schubert@cschubert.com>
To: Konstantin Belousov <kib@FreeBSD.org>
Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: Re: git: a718431c30a5 - main - lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails
Message-ID: <20230424231800.B9E7F12A@slippy.cwsent.com>
In-Reply-To: <202304242132.33OLWTCn060852@gitrepo.freebsd.org>
References: <202304242132.33OLWTCn060852@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <202304242132.33OLWTCn060852@gitrepo.freebsd.org>, Konstantin Belous ov writes: > The branch main has been updated by kib: > > URL: https://cgit.FreeBSD.org/src/commit/?id=a718431c30a57226bc7c1a9181fc84ba > b00641a1 > > commit a718431c30a57226bc7c1a9181fc84bab00641a1 > Author: Konstantin Belousov <kib@FreeBSD.org> > AuthorDate: 2023-04-23 23:21:42 +0000 > Commit: Konstantin Belousov <kib@FreeBSD.org> > CommitDate: 2023-04-24 21:32:10 +0000 > > lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails > > PR: 269780 > Reported by: Dan Gohman <dev@sunfishcode.online> > Reviewed by: emaste, markj > Sponsored by: The FreeBSD Foundation > MFC after: 1 week > Differential revision: https://reviews.freebsd.org/D39773 Should this also require a CVE number? -- Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org NTP: <cy@nwtime.org> Web: https://nwtime.org e^(i*pi)+1=0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20230424231800.B9E7F12A>