[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please remove knowledgetree and slash for security issues

On Wed, Aug 23, 2006 at 11:09:50PM +0200, Moritz Muehlenhoff wrote:
> Steve Langasek wrote:
> > In the meantime, I'm downgrading 160579 because I don't see anything in that
> > report that would justify claiming the package is unreleasable.

> It's also vulnerable to CVE-2004-2656 (no bug seems to exist) and
> CVE-2001-1535 (328927).

FWIW, of all of these the one that looks most serious to me is the one that
doesn't have a bug filed for it yet. :)  Can you explain which of these bugs
you think justify removing the package from a release, and why?

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Attachment: signature.asc
Description: Digital signature

Reply to: