They don't have CVE numbers and perhaps the authors didn't even bother to
isolate the commit that introduced the problem. How terrifying, I'm sure
the fix is much worse as a consequence.
Naturally some bugs have nothing mentioned in the changelogs: not everyone
cares to mention them, not everyone who fixes such a bug knows it is
security fixes at the time they're fixed, and so on.
Haven't we done this whole tiresome argument before? :/
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds