umn.edu situation and its effects on stable/cip


Pavel Machek
 

Hi!

You may have noticed in the news something funny is going on with
umn.edu commits.

Researchers at umn.edu did 3 bad-faith patches to kernel, sent them
from gmail.com addresses, and tried to get them reviewed (but
prevented them from being merged):

https://github.com/QiushiWu/QiushiWu.github.io/blob/main/papers/OpenSourceInsecurity.pdf

That somehow led to Greg trying to revert all patches from umn.edu:

https://github.com/QiushiWu/QiushiWu.github.io/blob/main/papers/OpenSourceInsecurity.pdf

And indeed there are some patches that do not fix any problem in
mainline (I identified one during stable review), but I don't see
evidence they were done in bad faith.

This is developing news, discussed on linux-kernel and ksummit-discuss
mailing lists (at least), but it should not affect us till middle of
May, and in my view it is likely that impact will be minor in the end.

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Join cip-dev@lists.cip-project.org to automatically receive all group messages.