This week’s news about the "Looney Tunes flaw" highlighted a condition which can allow a local user to access root privileges from the command line. Part of the RL Security team's task is to have mitigation strategies ready for such cases - reporting vulnerabilities and suggesting fixes upstream, and also writing our own extra packages.

This week, the Security SIG has published our extra packages and formalized a wiki: https://rockylinux.org/news/security-sig-update/ #looneytunables #securityupdate #glibc

https://cdn.fosstodon.org/media_attachments/files/111/182/794/702/760/097/original/bab8b12ed0e4d23d.mp4