Issue metadata
Sign in to add a comment
|
CrOS: Vulnerability reported in sys-kernel/chromeos-kernel-3_8 |
||||||||||||||||||||||||||||||||||
Issue descriptionAutomated analysis has detected that the following third party packages have had vulnerabilities publicly reported. NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package. Package Name: sys-kernel/chromeos-kernel-3_8 Package Version: [cpe:/o:linux:linux_kernel:3.8.11] Advisory: CVE-2015-5707 Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2015-5707 CVSS severity score: 4.6/10.0 Confidence: high Description: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.
,
Nov 29 2016
Chrome Security sheriff here. mnissler, could I keep this assigned to you? Or could you help find a better owner? Thanks. (Assuming this impacts stable, but please correct if I'm wrong)
,
Nov 30 2016
Huh, I had made updates to this bug but apparently forgot to hit the save button... Passing on to kernel folks. This looks like an old CVE, but a quick look at our kernel trees suggests that the vulnerability is present on all branches except 4.4. It looks like the fix is pretty simple and should be straightforward to apply to our trees, so can someone take a look?
,
Nov 30 2016
,
Nov 30 2016
Fix is upstream commit 451a2886b6b ("sg_start_req(): make sure that there's not too many elements in iovec").
,
Nov 30 2016
,
Nov 30 2016
,
Nov 30 2016
,
Nov 30 2016
vomit lists several other CVEs in conjunction with this one. It says "CVE-2015-5707 CVE-2015-6252 CVE-2015-7799 …" (there is a total of 26 CVEs). Any idea, anyone, if there are bugs filed against the other CVEs, and/or why only one shows up here ?
,
Nov 30 2016
Where do you see that list of 26 CVEs? FWIW, I'm not aware of any other bugs (and search doesn't produce any results for CVE-2015-6252 other than this bug). Probably best to follow up with vomit-team@ internally.
,
Nov 30 2016
,
Dec 1 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/983e7597411e1f80ad6ddbefb908805f978ac702 commit 983e7597411e1f80ad6ddbefb908805f978ac702 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415384 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> [modify] https://crrev.com/983e7597411e1f80ad6ddbefb908805f978ac702/drivers/scsi/sg.c
,
Dec 1 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e88802b18816b196926529f9c9f64b735b2a747a commit e88802b18816b196926529f9c9f64b735b2a747a Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415219 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> [modify] https://crrev.com/e88802b18816b196926529f9c9f64b735b2a747a/drivers/scsi/sg.c
,
Dec 1 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2273f7a74f7cfa2bdda8da130ccb947dafa4a97c commit 2273f7a74f7cfa2bdda8da130ccb947dafa4a97c Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415116 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> [modify] https://crrev.com/2273f7a74f7cfa2bdda8da130ccb947dafa4a97c/drivers/scsi/sg.c
,
Dec 1 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/2273f7a74f7cfa2bdda8da130ccb947dafa4a97c commit 2273f7a74f7cfa2bdda8da130ccb947dafa4a97c Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415116 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> [modify] https://crrev.com/2273f7a74f7cfa2bdda8da130ccb947dafa4a97c/drivers/scsi/sg.c
,
Dec 1 2016
Please mark security bugs as fixed as soon as the fix lands, and before requesting merges. This update is based on the merge- labels applied to this issue. Please reopen if this update was incorrect. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 1 2016
,
Dec 2 2016
[Automated comment] Request affecting a post-stable build (M54), manual review required.
,
Dec 2 2016
[Automated comment] Less than 2 weeks to go before stable on M55, manual review required.
,
Dec 2 2016
Your change meets the bar and is auto-approved for M56 (branch: 2924)
,
Dec 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/000bfbae99e09d0c84a544ca0f425c78d90b9560 commit 000bfbae99e09d0c84a544ca0f425c78d90b9560 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415220 Commit-Ready: Dmitry Torokhov <dtor@chromium.org> Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit be8dc7ab4dcb44b60e20ea69900564a2bbdfe0d7) Reviewed-on: https://chromium-review.googlesource.com/415577 [modify] https://crrev.com/000bfbae99e09d0c84a544ca0f425c78d90b9560/drivers/scsi/sg.c
,
Dec 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/25cba0ffe1d08f2553885d1e985e4f2b26150ce2 commit 25cba0ffe1d08f2553885d1e985e4f2b26150ce2 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415116 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit 2273f7a74f7cfa2bdda8da130ccb947dafa4a97c) Reviewed-on: https://chromium-review.googlesource.com/415576 [modify] https://crrev.com/25cba0ffe1d08f2553885d1e985e4f2b26150ce2/drivers/scsi/sg.c
,
Dec 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/308c6f5374b139715973242de95371c1000b7363 commit 308c6f5374b139715973242de95371c1000b7363 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415384 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit 983e7597411e1f80ad6ddbefb908805f978ac702) Reviewed-on: https://chromium-review.googlesource.com/415579 [modify] https://crrev.com/308c6f5374b139715973242de95371c1000b7363/drivers/scsi/sg.c
,
Dec 2 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/d299f050dc51ab7b3f63b5b2f72ced4f8ae5b504 commit d299f050dc51ab7b3f63b5b2f72ced4f8ae5b504 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415219 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit e88802b18816b196926529f9c9f64b735b2a747a) Reviewed-on: https://chromium-review.googlesource.com/415578 [modify] https://crrev.com/d299f050dc51ab7b3f63b5b2f72ced4f8ae5b504/drivers/scsi/sg.c
,
Dec 2 2016
,
Dec 2 2016
,
Dec 5 2016
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible! If all merges have been completed, please remove any remaining Merge-Approved labels from this issue. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 5 2016
,
Dec 13 2016
,
Dec 13 2016
,
Dec 13 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/54def94028ce3280624aad7c20ec37c12d8d9f2a commit 54def94028ce3280624aad7c20ec37c12d8d9f2a Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415384 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit 983e7597411e1f80ad6ddbefb908805f978ac702) Reviewed-on: https://chromium-review.googlesource.com/419069 [modify] https://crrev.com/54def94028ce3280624aad7c20ec37c12d8d9f2a/drivers/scsi/sg.c
,
Dec 13 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/3c9fc39ccf36918ac6309a7097c85d053813ba38 commit 3c9fc39ccf36918ac6309a7097c85d053813ba38 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415116 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit 2273f7a74f7cfa2bdda8da130ccb947dafa4a97c) Reviewed-on: https://chromium-review.googlesource.com/419070 [modify] https://crrev.com/3c9fc39ccf36918ac6309a7097c85d053813ba38/drivers/scsi/sg.c
,
Dec 13 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1152c80d363b1e16b0c1aef001d37e536f0b0ed5 commit 1152c80d363b1e16b0c1aef001d37e536f0b0ed5 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415219 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit e88802b18816b196926529f9c9f64b735b2a747a) Reviewed-on: https://chromium-review.googlesource.com/419071 [modify] https://crrev.com/1152c80d363b1e16b0c1aef001d37e536f0b0ed5/drivers/scsi/sg.c
,
Dec 13 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/1152c80d363b1e16b0c1aef001d37e536f0b0ed5 commit 1152c80d363b1e16b0c1aef001d37e536f0b0ed5 Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415219 Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit e88802b18816b196926529f9c9f64b735b2a747a) Reviewed-on: https://chromium-review.googlesource.com/419071 [modify] https://crrev.com/1152c80d363b1e16b0c1aef001d37e536f0b0ed5/drivers/scsi/sg.c
,
Dec 13 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/kernel/+/243b10ad58c7e8fa8a2cd9b5a6921f4584619c1d commit 243b10ad58c7e8fa8a2cd9b5a6921f4584619c1d Author: Al Viro <viro@zeniv.linux.org.uk> Date: Sun Mar 22 00:08:18 2015 BACKPORT: sg_start_req(): make sure that there's not too many elements in iovec unfortunately, allowing an arbitrary 16bit value means a possibility of overflow in the calculation of total number of pages in bio_map_user_iov() - we rely on there being no more than PAGE_SIZE members of sum in the first loop there. If that sum wraps around, we end up allocating too small array of pointers to pages and it's easy to overflow it in the second loop. BUG= chromium:669439 TEST=Build and Compile Change-Id: Ic81dd7bf54b1c6d41d890e39d8563c5da2ac48fe X-Coverup: TINC (and there's no lumber cartel either) Cc: stable@vger.kernel.org # way, way back Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit 451a2886b6b) [groeck: Upstream used wrong (non-existing) definition MAX_UIOVEC] Signed-off-by: Guenter Roeck <groeck@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/415220 Commit-Ready: Dmitry Torokhov <dtor@chromium.org> Reviewed-by: Dmitry Torokhov <dtor@chromium.org> (cherry picked from commit be8dc7ab4dcb44b60e20ea69900564a2bbdfe0d7) Reviewed-on: https://chromium-review.googlesource.com/419072 [modify] https://crrev.com/243b10ad58c7e8fa8a2cd9b5a6921f4584619c1d/drivers/scsi/sg.c
,
Dec 13 2016
,
Mar 10 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Apr 17 2017
,
May 30 2017
,
Aug 1 2017
,
Oct 14 2017
|
|||||||||||||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||||||||||||
Comment 1 by mnissler@chromium.org
, Nov 29 2016