Package: surf Version: 0.4.1-4 Severity: wishlist Tags: security Hi,
Today I visited http://blog.melchua.com/2011/02/01/ive-followed-your-instructions-and-i-still-cant-bake-croissants/ As a result, wget was spawned and a widget2.swf file appeared in my home directory, even though I had requested no such thing. It would be better if it unobtrusively notified me that the file was available for download and did not download it without explicit user action. If I had run surf from another directory, it could be a serious problem, hence the security tag. Any hints for tracking this down? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
