> As Linus and others have noted, marking some bugs as being "security-related" is not helpful, especially as not everyone can even agree - or sometimes even know at release time - whether a bug has security implications or not. If above is true, then saying: > any user of the 2.6.25 kernel on x86-64 with untrusted local users is very STRONGLY recommended to upgrade Is clearly not following that. In other words, you are saying that this is a security issue (keywords: "untrusted users", "very STRONGLY ... upgrade"), just using slightly different language. So, why was this marked as "security fix" if Linus and others say that doing that is not helpful at all? Just release the things with no comment then.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds