Re: RFC - mark CVE-2017-18641/lxc as <no-dsa> or <ignored>?
> The second point, to me anyways, significantly reduces the severity of
> the vulnerability. That, paired with the infeasibility of implementing
> upstream's fix, led me to the above recommendation of <no-dsa> for this
Thank you for your careful and detailed analysis of the situation. I
would agree with your conclusion. I would only add that it is a shame
that this issue was known for many years.
: :' : Chris Lamb
`. `'` firstname.lastname@example.org 🍥 chris-lamb.co.uk