[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What is a security bug?



* Quoting Jasper Filon (jasper.filon@bbned.nl):

> Well, obviously it is not a _security_ bug, since it has nothing to do
> with security. However, it is a bug, maybe even a critical one. 
> As long as the bug does not compromise the security of the system
> (enables unauthorised execution of code, access to memory of other
> process of manipulating the content of the other tabs or something like
> that) is has nothing to do with security and hence not with this list
> (debian-security).   

Security is not just related to execution of
malicious code. It also has to do with data
integrity or usability of software. A vulerability
to a DoS-Attack is IMHO a security bug. If it
justifies a security update is another question,
but IIRC every security bug does.

- Rolf



Reply to: