[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#496386: The possibility of attack with the help of symlinks in some Debian packages

TK>> Quoting Steve Langasek (vorlon@debian.org):
TK>>> This is far below the quality I expect from a mass bug filing that's been
TK>>> reviewed by debian-devel.  Mass bugfilings at RC severity need to be held
TK>>> to
TK>> Even though I overread the thread when Dmitry posted his intent to
TK>> -devel, I feel like there was *no* strong agreement that this MBF was
TK>> really wished and welcomed.

TK> Yes, this mass bug filing is of bad quality and should not have happened as
TK> such. However:

TK>> If I come on any such bug on packages I maintain or co-maintain, I
TK>> will immediately downgrade the bug report in such way, mentally
TK>> thanking the bug submitter for the extra work and ranting about yet
TK>> another nice method to delay the release.

TK> I would like to ask maintainers not to do this. I've quickly checked just a
TK> number of these bugs and, between the false positives, already found a
TK> handfull of genuine, true positive issues. Checking where the bug comes from
TK> usually doesn't take a lot of time, so while I share the annoyance, you are
TK> already annoyed, so better turn it into something useful by double-checking
TK> the code rather than downgrading them out of hand.

Thank You for your encouragement :)

More 10 packages already patched and uploaded :)

All, please again, be understanding to possible mistakes. :)

. ''`. Dmitry E. Oboukhov
: :’  : unera@debian.org
`. `~’ GPGKey: 1024D / F8E26537 2006-11-21
  `- 1B23 D4F8 8EC0 D902 0555  E438 AB8C 00CF F8E2 6537

Attachment: signature.asc
Description: Digital signature

Reply to: