This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: glibc 2.18 is frozen as of 1:00pm EST.
- From: Siddhesh Poyarekar <siddhesh at redhat dot com>
- To: "Carlos O'Donell" <carlos at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>, David Miller <davem at davemloft dot net>
- Date: Tue, 2 Jul 2013 22:22:41 +0530
- Subject: Re: glibc 2.18 is frozen as of 1:00pm EST.
- References: <51D3036B dot 8030009 at redhat dot com>
On Tue, Jul 02, 2013 at 12:44:27PM -0400, Carlos O'Donell wrote:
> Only bug fixes should go in for serious issues.
>
> As the release manager David has final say into what
> gets checked in as a fix right now. We should be
> assisting him in making those decisions.
I'll make the first exception request for a CVE fix (or set of fixes)
I posted earlier this week to resolve CVE-2012-4412 and CVE-2012-4424:
http://sourceware.org/ml/libc-alpha/2013-06/msg01157.html
http://sourceware.org/ml/libc-alpha/2013-06/msg01158.html
http://sourceware.org/ml/libc-alpha/2013-06/msg01160.html
I don't know if it qualifies as a serious issue since there's no PoC
exploit for those vulnerabilities, but I reckon it wouldn't hurt to
make the request.
Siddhesh