|
|
|
|
|
|
by eqvinox
719 days ago
|
|
|
> One for every bug fix going into the kernel, rendering the CVE system useless. That is not what they're doing at all, things get CVEs by a small 3 people committee judging on whether it may reasonably have security impact. If this is rendering CVEs useless to you, then you were misusing CVEs to begin with. CVEs are identifiers. The fact that an identifier is assigned does not mean anything about whether the security issue is real and/or its severity. Assigning an ID was meant to help discussing things, including determining whether it is in fact a security issue. |
|
|