[Secure-testing-commits] r14061 - in data: . CVE

Michael Gilbert michael.s.gilbert at gmail.com
Mon Feb 8 18:44:29 UTC 2010


On Mon,  8 Feb 2010 17:48:02 +0000, Moritz Muehlenhoff wrote:
> Author: jmm-guest
> Date: 2010-02-08 17:48:00 +0000 (Mon, 08 Feb 2010)
> New Revision: 14061
> 
> Modified:
>    data/CVE/list
>    data/embedded-code-copies
> Log:
> - bzr code copies fixed
> - glibc issue not a vulnerability

please explain why this is not an issue.  it adds additional protection
from memory corruption; making it harder to introduce malicious code.

even if you consider it a security hardening feature, then it is still a
security issue. you could mark it unimportant, and make a note about
that, but removing it is not right.

mike 



More information about the Secure-testing-commits mailing list