Comment 95 for bug 1996188
Revision history for this message
| Jeremy Stanley (fungi) wrote Re: Arbitrary file access through custom VMDK flat descriptor (CVE-2022-47951) | #95 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Keeping them attached to the bug should be fine, I'll just omit them from the pre-OSSA. We can still add them to the advisory if people have time to test over the next week, or simply push them into review after the report is public.
I'm working on assembling pre-OSSA now, and still expect to send it to downstream stakeholders by the end of my day (somewhat delayed by the luck of having this fall on the same day that we scheduled publication of OSSA-2023-001).