On Tue, March 19, 2013 01:37, Christoph Anton Mitterer wrote: > severity 703290 important > stop > > On Tue, 2013-03-19 at 10:20 +1300, Andrew McMillan wrote: >> Is there any way to do an XSS exploit in 12 characters? If not, then I >> don't think this is 'grave'. > Unless someone from the security or release team complains I've set the > severity to important.
Agreed that it's not grave until we have a concrete vulnerability at hand. The code could/should definitely be more robust, but there's not yet an acute issue. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
