Hello, Am 18.06.19 um 10:05 schrieb Brian May: > The upstream patch patches "c->description" which is not used in > Jessie. OK, so probably not vulnerable. [...] I requested feedback from upstream about CVE-2019-12779 before. https://github.com/ClusterLabs/libqb/issues/338 It seems they do not agree that kernel hardening is completely sufficient because there may be more "vectors pertaining this problem". I would talk with them about your findings directly and ask them for a clarification. Regards, Markus
Attachment:
signature.asc
Description: OpenPGP digital signature