Re: RFC - mark CVE-2017-18641/lxc as <no-dsa> or <ignored>?
On Wed, Feb 26, 2020 at 10:33:22AM -0500, Roberto C. Sánchez wrote:
> Hello all,
>
> I've been doing some work on CVE-2017-18641/lxc to understand the
> precise nature of the vulnerability and potential approaches to fixing
> it. It seems not possible to fix the vulnerability, so I'd like to make
> a recommendation on how to handle it.
>
> Recommendation:
>
> I would like to mark CVE-2017-18641/lxc as <no-dsa> (or <ignored> if
> that would be more appropriate). Absent any feedback to the contrary or
> alternate suggestions, I will mark the vulnerability as <no-dsa> for
> jessie within about a week.
>
I have taken the above described action in security-tracker commit
7b46dadd7a6555db4518a1f0295eb82ce1f89eaf.
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: