[bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-156

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-156

From:	Ludovic Courtès
Subject:	[bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671."
Date:	Tue, 05 Dec 2017 12:08:11 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)

Hello,

Marius Bakke <address@hidden> skribis:

> These issues has been classified as minor by Debian:
>
> https://security-tracker.debian.org/tracker/CVE-2017-15670
> https://security-tracker.debian.org/tracker/CVE-2017-15671
>
> ...and is not worth the cost of grafting and maintaining this patch.

I don’t see Debian’s classification as “minor”, but I see NVD severity
“high” and “medium” (I personally fail to imagine concrete remote
exploitation scenarios, but I largely lack the mental muscles for this.)

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671.", Ludovic Courtès <=
- [bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671.", Marius Bakke, 2017/12/05

Prev by Date: bug#29560: [PATCH] gnu: kicad: Install libraries to PREFIX/lib, not PREFIX/lib64.
Next by Date: [bug#29467] [PATCH] web: Don't error about missing ssl related files.
Previous by thread: [bug#29578] [PATCH] gnu: virtualization: Add qmpbackup.
Next by thread: [bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671."
Index(es):
- Date
- Thread