|
|
|
|
|
|
by riknos314
45 days ago
|
|
|
I believe their point was that: "How likely is this diff a patch for an existing vulnerability?" Seems to be an easier question to answer than "Are there any new vulnerabilities introduced by this diff?" In other words identifying that a patch is for a vulnerability is typically easier than finding the vulnerability in the first place. |
|
|