On Wed, June 4, 2008 13:14, Nico Golde wrote: > I agree that it is of a low impact but I disagree that this > is not a security issue, people are using reportbug in /tmp and I don't see > a reason to assume people are not doing that.
The chance of succesful exploitation still seems very small, and indeed even then the problem is limited to just a regular user account. It's good that Sandro is fixing the bug directly so I'm not going to argue over bug severity, but I'm marking it as no-dsa for stable. Thijs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
