[Secure-testing-commits] r14061 - in data: . CVE
Michael Gilbert
michael.s.gilbert at gmail.com
Mon Feb 8 18:44:29 UTC 2010
On Mon, 8 Feb 2010 17:48:02 +0000, Moritz Muehlenhoff wrote:
> Author: jmm-guest
> Date: 2010-02-08 17:48:00 +0000 (Mon, 08 Feb 2010)
> New Revision: 14061
>
> Modified:
> data/CVE/list
> data/embedded-code-copies
> Log:
> - bzr code copies fixed
> - glibc issue not a vulnerability
please explain why this is not an issue. it adds additional protection
from memory corruption; making it harder to introduce malicious code.
even if you consider it a security hardening feature, then it is still a
security issue. you could mark it unimportant, and make a note about
that, but removing it is not right.
mike
More information about the Secure-testing-commits
mailing list