Date: Thu, 15 Oct 2015 12:39:44 -0700 From: Blibbet <blibbet@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request - Linux kernel - securelevel/secureboot bypass. On 10/15/2015 09:58 AM, cve-assign@...re.org wrote: > As far as we can tell, you are reporting an issue in functionality > that was developed for a Red Hat product. Because identical > functionality is not currently offered elsewhere, a CVE ID can be > assigned without considering the details of the securelevel behavior > that may later be implemented (or considered optimal) outside of Red > Hat. I haven't seen Red Hat's new patch yet, but does this count? It sounds like similar functionality, at least. https://github.com/mjg59/linux/commit/4980702888a73e0fd4b48ef6f6683345011aa3a6 More URLs here: http://firmwaresecurity.com/2015/10/06/matthew-garretts-new-linux-fork/ http://firmwaresecurity.com/2015/10/09/clarification-of-matthew-garretts-linux-fork/ Thanks, Lee RSS: http://firmwaresecurity.com/feed
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.