GNU bug report logs - #29490
[PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671."

Previous Next

Package: guix-patches;

Reported by: Marius Bakke <mbakke <at> fastmail.com>

Date: Tue, 28 Nov 2017 17:10:02 UTC

Severity: normal

Tags: patch

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 29490 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Marius Bakke <mbakke <at> fastmail.com>
Cc: 29490 <at> debbugs.gnu.org
Subject: Re: [bug#29490] [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670,
 CVE-2017-15671."
Date: Tue, 05 Dec 2017 12:08:11 +0100

Hello,

Marius Bakke <mbakke <at> fastmail.com> skribis:

> These issues has been classified as minor by Debian:
>
> https://security-tracker.debian.org/tracker/CVE-2017-15670
> https://security-tracker.debian.org/tracker/CVE-2017-15671
>
> ...and is not worth the cost of grafting and maintaining this patch.

I don’t see Debian’s classification as “minor”, but I see NVD severity
“high” and “medium” (I personally fail to imagine concrete remote
exploitation scenarios, but I largely lack the mental muscles for this.)

Ludo’.

This bug report was last modified 7 years and 144 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #29490 [PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671."

GNU bug report logs - #29490
[PATCH] Revert "gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671."