On mar., 2012-11-13 at 09:00 -0800, Ian Zimmerman wrote: > Jan> Is it possible to reproduce that xscreensaver crash also without > Jan> libpam-rsa module being used? (when using pam-unix login > Jan> alternative with the same scenario) > > No, it doesn't happen with pam-unix. This had been kicked around the > debian security team for a couple of days before this bug was posted. > You may want to contact them to coordinate your response. > Yes, we were made aware of the issue.
Seeing the gravity of the bug, the number of people using it, the time of last (upstream) release and the number of NMU, we're considering just removing it from Debian altogether, unless you have a decisive argument to keep it (and fix the bug quickly). Regards, -- Yves-Alexis
signature.asc
Description: This is a digitally signed message part
