Comment 6 for bug 1482786

I see it the same way. I would also include publication of the group man to group root privilege escalation via the setgid directory (the e-mails from 2015-05-15 03:00:46 on [1]), which may also use part of the same technique here but was caused by a combination of different factors, one including the kernel, but not clear, which component is at fault and where to start with the fix. The discussion at security-at-kernel.org also ended about 2015-07-06 without final conclusion.

Should I add a second bug report for this other problem, e.g. against package kernel and man-db? Or do publication and see, what will be consensus after discussion and then decide about affected package and way to fix?

Just make the issues public when you feel, that it makes sense.

[1] http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/