Je hebt een klacht over de onderstaande posting:
Door Anoniem: En Linux gebruikt, als CNA, nu CVE's bug tracking (niet eens security bugs, gewone bugs bedoel ik). Met Linux bedoel je neem ik aan het Linux kernel project, en dit zeggen ze erover: As part of the normal stable release process, kernel changes that are potentially security issues are identified by the developers responsible for CVE number assignments and have CVE numbers automatically assigned to them. These assignments are published on the linux-cve mailing list as announcements on a frequent basis. Note, due to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team are overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team. https://lwn.net/Articles/961961/ Die benadering doet me denken aan ...
Beschrijf je klacht (Optioneel):