Date: Sat, 23 Sep 2017 09:20:50 -0700 From: Kurt H Maier <khm@...ops.net> To: oss-security@...ts.openwall.com Subject: Re: Why send bugs embargoed to distros? On Sat, Sep 23, 2017 at 01:44:18PM +0200, Hanno Böck wrote: > If I can trust Red Hat's CVE tracker  there still are no fixed > packages available. Also I haven't found any info about updated > opensuse packages. This is standard operating procedure for Red Hat, at least. Generally days or even weeks pass before patches are released. If you're an "Extended Update Support" customer you can expect months to go by. If you're super lucky you'll get a systemtap script to play with, but that generally requires a kernel RCE. khm
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ