 
	
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Difference between patch in XSA and patch checked in
 >>> On 23.08.17 at 18:35, <george.dunlap@xxxxxxxxxx> wrote: > Can I propose that committers should always check in the exact version > of the patch in the publicly-released advisory? Preferably directly > from xsa.git, and with 'git am' (and not rebasing or modifying patches)? As the presumably primary guilty one here, I'll try to remember to not make such changes going forward. It is largely the adding of CVE numbers and tags to the patch which has turned out easier to do in a private copy of the patches (so they're ready to be applied without having to wait for / pull updates to xsa.git, the more that in less simple cases - which iirc XSA-218 was an example of - the automatic propagation of tags into the patches at public disclosure time doesn't always work [reliably]). That's in particular how the format string differences have crept in that have caused you grief, as the way the diff-ing works is apparently quite different between the various possible tools to use. I do compare patches in such cases in order to make sure I don't commit any stale version, but the patch representation was so different that I apparently didn't notice the mixup in format strings. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel 
 
 
 | 
|  | Lists.xenproject.org is hosted with RackSpace, monitoring our |