Date: Thu, 15 Oct 2015 12:39:44 -0700 From: Blibbet <blibbet@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request - Linux kernel - securelevel/secureboot bypass. On 10/15/2015 09:58 AM, cve-assign@...re.org wrote: > As far as we can tell, you are reporting an issue in functionality > that was developed for a Red Hat product. Because identical > functionality is not currently offered elsewhere, a CVE ID can be > assigned without considering the details of the securelevel behavior > that may later be implemented (or considered optimal) outside of Red > Hat. I haven't seen Red Hat's new patch yet, but does this count? It sounds like similar functionality, at least. https://github.com/mjg59/linux/commit/4980702888a73e0fd4b48ef6f6683345011aa3a6 More URLs here: http://firmwaresecurity.com/2015/10/06/matthew-garretts-new-linux-fork/ http://firmwaresecurity.com/2015/10/09/clarification-of-matthew-garretts-linux-fork/ Thanks, Lee RSS: http://firmwaresecurity.com/feed
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ