-=| Nico Golde, Thu, May 15, 2008 at 10:09:41PM +0200 |=- > * Damyan Ivanov <[EMAIL PROTECTED]> [2008-05-15 20:32]: > > > > The only reason for this to not be of critical severity is that database > > services are typically firewalled. > > > [...] > As far as I can see that firebird is disabled after the > installation and needs to be dpkg-reconfigure'ed which will > ask for a password or set a random one.
Right. I was just to add this as another reason for preferring 'grave' over 'critical'. Still, I estimate the installations with dpkg-reconfigure-enabled servers to be more than the ones that are kept disabled. Another addition: as the fix is in a conffile, perhaps some words encouraging admins to accept the new version would be in order for the advisory. -- dam JabberID: [EMAIL PROTECTED]
signature.asc
Description: Digital signature
