Comment 146 for bug 2004555
Revision history for this message
| Brian Rosmaita (brian-rosmaita) wrote Re: Unauthorized volume access through deleted volume attachments (CVE-2023-2088) | #146 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
@Jeremy: the osbrick-leak patch addresses some possible corner cases, but is too risky to backport as it may cause regressions. Our current thinking is that it should be worked on in public as a patch to master after this issue has been made public, and can go through the normal review and CI process. (To answer your question, it wasn't supplanted by the osbrick-fc patch, it is a child of that patch.)