Re: [SECURITY] [DSA 2695-1] chromium-browser security update
On Wednesday 29 May 2013 15:23:54 Michael Gilbert wrote:
> or possibly have unspecified other impact via unknown vectors.
I'm just wondering ... is that Google language for "or possibly allow remote
code execution" ?
The phrase occurs for many of the vulnerabilities listed in the advisory, and
most browser release notices cure some bugs that may allow remote code
execution ... but not one of the vulnerabilities listed in this one refers to
rce.
I'm wondering whether the phrasing of the descriptions of the CVEs listed in
this advisory is Google's choice .....
And I'm thinking "unspecified impact" isn't very helpful really.
Cheers,
Nick
--
Never FDISK after midnight
Reply to: