[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE-2021-20177 kernel: iptables string match rule could result in kernel panic
From: Greg KH <greg () kroah ! com>
Date: 2021-01-12 16:09:42
Message-ID: X/3JxrqAuE7mDlpZ () kroah ! com
[Download RAW message or body]
On Tue, Jan 12, 2021 at 03:23:16PM +0000, John Haxby wrote:
>
>
> > On 12 Jan 2021, at 08:04, Greg KH <greg@kroah.com> wrote:
> >
> > I still do not understand why you report issues that are fixed over a
> > year ago (October 2019) and assign them a CVE like this. Who does this
> > help out? And what about the thousands of other issues that are fixed
> > in the kernel and not assigned a CVE like this, are they somehow not as
> > important to your group?
> >
> > What determines what you want to give a CVE to and what you do not?
>
>
> I think I can answer that. There's nothing technical going on here,
> it's down to the behaviour of the end users of enterprise systems.
Ok, I can understand that crazyness, and somehow believe it, so I have
not complained when announcements like this come out for issues that
affect RHEL releases as RH is known for abusing^using the CVE system in
this manner. But that was not the case here at all, which is why I
asked this.
thanks,
greg k-h
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic