• lurch (he/him)
    link
    fedilink
    English
    48 hours ago

    AFAIK they are already patched, because the company I work for has already applied an Ubuntu update on various hosts to address this. (I saw the ticket being closed.)

    • @[email protected]
      link
      fedilink
      3
      edit-2
      8 hours ago

      I think this is the regular modus operandi in these days: CVD

      In computer security, coordinated vulnerability disclosure (CVD, sometimes known as responsible disclosure) is a vulnerability disclosure model in which a vulnerability or an issue is disclosed to the public only after the responsible parties have been allowed sufficient time to patch or remedy the vulnerability or issue.

      So the devs get enough time to prepare a fix before the public gets informed that they should update their software.