Hacker News
by jsmeaton 3437 days ago
I mostly agree, but I meant to direct my previous comment to this:

> silently fixed in the upstream git is not at all an acceptable way to deal with serious security flaws in your product.

I was suggesting that it might not have been silently fixed, and was instead misdiagnosed.

You can see the commit here: https://github.com/systemd/systemd/commit/06eeacb6fe029804f2...

Now I'm not sure if this was linked to a pull request or some other place where discussion took place, but it looks like it was a simple fix, by one person, over a year ago.

At a minimum I think this suggests that more scrutiny is required, especially for bugs that suggest security issues.