Comment 4 for bug 1793028
Revision history for this message
| rdratlos (rdratlos) wrote Re: NetBSD CVE Patch Regression | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Quote from upstream bug report discussion:
I agree there's something wrong with the code, although I would also
like to have ways of reproducing this. Working on this bug right now is
kind of a shot in the dark, and it seems numerous people here have
worked on PoC or have real world conditions to reproduce those
issues. It would be nice to share those so we can fix those issues
properly.
SuSE has also taken the upstream patch including the latest changes. But exactly the changes from Jan. 2017 introduce the regression. Changes afterwards seem to be more code clean-up.
Fedora and ArchLinux seem not to apply the patch (yet).