Date: Tue, 25 Apr 2023 02:19:04 +0300
From: Konstantin Belousov <kostikbel@gmail.com>
To: Cy Schubert <Cy.Schubert@cschubert.com>
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject: Re: git: a718431c30a5 - main - lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails
Message-ID: <ZEcOaDvfUHcS4PBs@kib.kiev.ua>
In-Reply-To: <20230424231800.B9E7F12A@slippy.cwsent.com>
References: <202304242132.33OLWTCn060852@gitrepo.freebsd.org> <20230424231800.B9E7F12A@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 24, 2023 at 04:18:00PM -0700, Cy Schubert wrote: > In message <202304242132.33OLWTCn060852@gitrepo.freebsd.org>, Konstantin > Belous > ov writes: > > The branch main has been updated by kib: > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=a718431c30a57226bc7c1a9181fc84ba > > b00641a1 > > > > commit a718431c30a57226bc7c1a9181fc84bab00641a1 > > Author: Konstantin Belousov <kib@FreeBSD.org> > > AuthorDate: 2023-04-23 23:21:42 +0000 > > Commit: Konstantin Belousov <kib@FreeBSD.org> > > CommitDate: 2023-04-24 21:32:10 +0000 > > > > lookup(): ensure that openat("/", "..", O_RESOLVE_BENEATH) fails > > > > PR: 269780 > > Reported by: Dan Gohman <dev@sunfishcode.online> > > Reviewed by: emaste, markj > > Sponsored by: The FreeBSD Foundation > > MFC after: 1 week > > Differential revision: https://reviews.freebsd.org/D39773 > > Should this also require a CVE number? I do not see why.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZEcOaDvfUHcS4PBs>