On Sun, Oct 10, 2010 at 16:18:07 -0400, Jay Berkenbilt wrote: > The security team is not interested in doing a DSA to fix the > CVE-2010-3364, but since I already prepared a diff for stable, maybe > you'd be interested it including it in a stable point release. Though > actually, this is not really an important fix since there's no reason > for a debian user to ever run these wrapper scripts. Their main goal is > to allow running vips or nip2 when relocated to a non-standard > location. So it wouldn't offend me at all if you just decided to > disregard the change for stable and testing. > I'd say it's probably not worth it for stable then. Please also downgrade #598296 accordingly. Thanks, Julien
Attachment:
signature.asc
Description: Digital signature