Well, where are you moving? The Linux kernel does this - and worse - all the time.
Quite a lot of security issues are fixed in the upstream Linux kernel without a word about their security impact. And I'm not just talking about information disclosures / memory leaks like these, but also about bugs that let you compromise the system on their own.
This gets really, really bad when you consider that a lot of distros keep the kernel version stable and just backport security fixes. Thus, an attacker that follows the Linux kernel commits more closely than the distro maintainers (and they do, believe me) know about the vulnerability, while the end-users remain vulnerable despite having all the latest updates from their distro.
Biting the hand that feeds IT
