Comment 11 for bug 413656

Kees Cook (kees) wrote :

Correct, the Live CD does not contain an updated kernel for the personality-via-pulse exploit (CVE-2009-1895), fixed in USN-807-1, which allowed mmap_min_addr to be bypassed. Ubuntu with Wine installed are most likely to be single-user systems, which helps reduce the number of people in real danger from this vulnerability.

This current bug is certainly important, which is why it's not being ignored. Kernels take a while to build for all releases on all architectures, and will be completed later today.