Re: CAN-2003-0794: a local DoS
On Wed, Oct 22, 2003 at 05:36:42PM +0200, Sebastien Bacher wrote:
> Package: gdm
> Version: 22.214.171.124-2
> Severity: important
> Tags: security
> A second security bug that need to be closed, fixed in gdm 126.96.36.199 upstream for about one week (and on others distribs too, is the GDM maintainer taking care of this package ?) :
>From the Security FAQ:
Q: What is the policy for a fixed package to appear in
A: Security breakage in the stable distribution warrants a package on
security.debian.org. Anything else does not....
Q: How is security handled for testing and unstable?
A: The short answer is: it's not. Testing and unstable are rapidly
moving targets and the security team does not have the resources needed
to properly support those....
I know that my answer is not really a great 'practical' answer, it is,
in fact, the best answer.
For extra coverage, I'll cc: the package maintainer (according to
packages.debian.org) for this package.
+ It's simply not | John Keimel +
+ RFC1149 compliant! | email@example.com +
+ | http://www.keimel.com +