1. 3
  1.  

  2. 3

    This fix was therefore not backported to long-term distributions such as CentOS:

    Your daily reminder that long term support with backports never manges to backport all the fixes.

    1. 1

      but it was not recognized as a security threat.

      Your daily reminder that Linus would prefer to hide security-related bugs with innocuous commit messages.

      1. 2

        Yeah, also true, some orgs struggle more than others, but I think it’s true in general, even for the best of us. Mitigations get better, hardening gets harder, part one of a two part vuln gets fixed, etc.