• Kogasa@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    Frivolous CVEs aren’t a good thing for security. This bug was a possible DOS (not e.g. a privilege escalation) in a disabled-by-default experimental feature. It wasn’t a security issue and should have been fixed with a patch instead of raising a false alarm and damaging trust.