Control: tag -1 pending On 2014-08-26 19:23, Luciano Bello wrote:
On Monday 25 August 2014 18:19:43 Jonathan Wiltshire wrote:Control: tag -1 confirmed On 2014-08-25 16:13, Luciano Bello wrote: > After talking with Daniel, we agreed to update the patch for this > > (non- > critical security) bug via spu. This will allow to build the next > debian-live > without the vulnerability. > > The problem is the following: Debian-live allows to SSH access with > > default > user and password. The patch disable ssh password authentication. > > The debdiff is attached. Please go ahead.Thanks, done.
Flagged for acceptance.
Should I close the bug?
No, a release manager will do that later. Thanks, -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 <directhex> i have six years of solaris sysadmin experience, from 8->10. i am well qualified to say it is made from bonghits layered on top of bonghits