On 01/11/2018 14:33, Cătălin George Feștilă wrote:
Just sending a URL to the list is not very helpful - you need
to explain what you expect us to do with it, or what the question
is that would like answered.
That CVE is nearly a week old now so I'm sure the relevant people
are already aware of it, if only because the security team would
likely have opened a few dozen bugs about it by now if it was
relevant.
It's not relevant though, because it doesn't affect Fedora as
the X server is not setuid in Fedora and hasn't been for some
considerable time (since F22 at least).
Tom
--
Tom Hughes (tom(a)compton.nu)
http://compton.nu/