Message ID | 20210412121846.144565-1-vsementsov@virtuozzo.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On Mon, 12 Apr 2021 at 13:19, Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> wrote: > > The following changes since commit 555249a59e9cdd6b58da103aba5cf3a2d45c899f: > > Merge remote-tracking branch 'remotes/ehabkost-gl/tags/x86-next-pull-request' into staging (2021-04-10 16:58:56 +0100) > > are available in the Git repository at: > > https://src.openvz.org/scm/~vsementsov/qemu.git tags/pull-nbd-2021-04-12 > > for you to fetch changes up to d3c278b689845558cd9811940436b28ae6afc5d7: > > block/nbd: fix possible use after free of s->connect_thread (2021-04-12 11:56:03 +0300) > > ---------------------------------------------------------------- > One fix of possible use-after-free in NBD block-driver for 6.0-rc3 > > ---------------------------------------------------------------- > > Note: the tag is signed by a new key, as I've lost the old one. So, > now there are two keys with my name on http://keys.gnupg.net, the elder > is lost. I feel stupid about that :(. Anyway, both keys are not signed by > anybody except for myself. And this is my first pull-request to Qemu, > so, I think some kind of TOFU still applies. I'd really rather not deal with trying to add a new source of pull requests the day before rc3, please. Eric, could you do a pull or something? thanks -- PMM
12.04.2021 18:48, Peter Maydell wrote: > On Mon, 12 Apr 2021 at 13:19, Vladimir Sementsov-Ogievskiy > <vsementsov@virtuozzo.com> wrote: >> >> The following changes since commit 555249a59e9cdd6b58da103aba5cf3a2d45c899f: >> >> Merge remote-tracking branch 'remotes/ehabkost-gl/tags/x86-next-pull-request' into staging (2021-04-10 16:58:56 +0100) >> >> are available in the Git repository at: >> >> https://src.openvz.org/scm/~vsementsov/qemu.git tags/pull-nbd-2021-04-12 >> >> for you to fetch changes up to d3c278b689845558cd9811940436b28ae6afc5d7: >> >> block/nbd: fix possible use after free of s->connect_thread (2021-04-12 11:56:03 +0300) >> >> ---------------------------------------------------------------- >> One fix of possible use-after-free in NBD block-driver for 6.0-rc3 >> >> ---------------------------------------------------------------- >> >> Note: the tag is signed by a new key, as I've lost the old one. So, >> now there are two keys with my name on http://keys.gnupg.net, the elder >> is lost. I feel stupid about that :(. Anyway, both keys are not signed by >> anybody except for myself. And this is my first pull-request to Qemu, >> so, I think some kind of TOFU still applies. > > I'd really rather not deal with trying to add a new source of pull > requests the day before rc3, please. Eric, could you do a pull > or something? > > thanks > -- PMM > Hmm. Ok, that's not a degradation of 6.0 and there is no existing bug somewhere, so we can just not care for 6.0.
On Tue, 13 Apr 2021 at 07:47, Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> wrote: > > 12.04.2021 18:48, Peter Maydell wrote: > > On Mon, 12 Apr 2021 at 13:19, Vladimir Sementsov-Ogievskiy > > <vsementsov@virtuozzo.com> wrote: > >> > >> The following changes since commit 555249a59e9cdd6b58da103aba5cf3a2d45c899f: > >> > >> Merge remote-tracking branch 'remotes/ehabkost-gl/tags/x86-next-pull-request' into staging (2021-04-10 16:58:56 +0100) > >> > >> are available in the Git repository at: > >> > >> https://src.openvz.org/scm/~vsementsov/qemu.git tags/pull-nbd-2021-04-12 > >> > >> for you to fetch changes up to d3c278b689845558cd9811940436b28ae6afc5d7: > >> > >> block/nbd: fix possible use after free of s->connect_thread (2021-04-12 11:56:03 +0300) > >> > >> ---------------------------------------------------------------- > >> One fix of possible use-after-free in NBD block-driver for 6.0-rc3 > >> > >> ---------------------------------------------------------------- > >> > >> Note: the tag is signed by a new key, as I've lost the old one. So, > >> now there are two keys with my name on http://keys.gnupg.net, the elder > >> is lost. I feel stupid about that :(. Anyway, both keys are not signed by > >> anybody except for myself. And this is my first pull-request to Qemu, > >> so, I think some kind of TOFU still applies. > > > > I'd really rather not deal with trying to add a new source of pull > > requests the day before rc3, please. Eric, could you do a pull > > or something? > Hmm. Ok, that's not a degradation of 6.0 and there is no existing bug > somewhere, so we can just not care for 6.0. I think fixing a use-after-free is sensible for rc3; it's only having it come to me via a new unknown submitter of pull requests that I'm not happy about. thanks -- PMM