Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Jan 2016 21:26:38 +0000
From: One Thousand Gnomes <>
To: Jann Horn <>
Cc: "Eric W. Biederman" <>,
        Dan Carpenter
Subject: Re: 2015 kernel CVEs

> I know of at least two projects that enter user namespaces without the
> necessary care, one of them is LXC.
> > There is room for improvement in this area but I don't see how this
> > qualifies as a CVE.
> I think I agree with that.

If there are projects that screw it up then there should be a CVE - it
just needs someone to update the CVE to indicate where the actual flaw is.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.