Details about a GLIBC vulnerability were published a couple of days ago by a company called Qualys, and the distributions using it have already received patches. Now, it seems that Google knew about this problem, patched it in ChromeOS a year ago, and forgot to say anything to anyone.
Things are pretty clear in the open source world. When someone finds a vulnerability, exploit, or any kind of issues, that person or entity usually informs everyone else about it. That's the reason why CVE (Comm... (read more)