On Thu, Oct 05, 2023 at 11:23:35AM -0400, Stephen Smoogen wrote: > On Sat, 30 Sept 2023 at 05:13, Marius Schwarz <fedoradev@xxxxxxxxxxxx> > wrote: > > > > > Hi, > > > > this is emerg ping for the security team, to take a look at this bz : > > > > https://bugzilla.redhat.com/show_bug.cgi?id=2241470 > > > > The deadline for having a fix shipped is the afternoon of SUN, 1. of Oct > > 2023 . On this date, the patches in upstream go public and exploits > > will be developed for them. this impacts ALL of redhat based > > installations which run as servers and are publically reachable. The > > component in question is the default package for rh based installations. > > > So does anyone know which of this weeks major security problems this was > about? Since it is supposedly past the release date, I figure it is ok to > ask. If it isn't due to some other delay.. my apologies. My guess is on glibc's suid local root: https://lwn.net/Articles/946381/ -- Tomasz Torcz Once you've read the dictionary, @ttorcz:pipebreaker.pl every other book is just a remix. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
