Am 23.10.2016 um 03:31 schrieb Zube <z...@stat.colostate.edu>: > On Sat Oct 22 08:20:24 PM, Valeri Galtsev wrote: > >> I should have said CentOS 7. Older ones (CentOS 6 and 5) are not vulnerable. > > https://bugzilla.redhat.com/show_bug.cgi?id=1384344 > > Comment #35 points to a link that doesn't depend on /proc/self/mem and > claims to work on CentOS 6 and 5. I'm not quite sure what I should > be looking for when I run the program, though.
Its explained it the first line. > I do hope Redhat releases patches soon. What's quite confusing, is Redhat's security rating: "only important" and not critical. I see how security ratings are applied "Flaws that require an authenticated remote user, a local user, or an unlikely configuration are not classed as Critical impact." [1] but such a bug should be weighted discretely. [1] https://access.redhat.com/security/updates/classification/ -- LF _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
