On Wed, Aug 23, 2006 at 11:09:50PM +0200, Moritz Muehlenhoff wrote: > Steve Langasek wrote: > > In the meantime, I'm downgrading 160579 because I don't see anything in that > > report that would justify claiming the package is unreleasable. > It's also vulnerable to CVE-2004-2656 (no bug seems to exist) and > CVE-2001-1535 (328927). FWIW, of all of these the one that looks most serious to me is the one that doesn't have a bug filed for it yet. :) Can you explain which of these bugs you think justify removing the package from a release, and why? Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature