Hi Thijs, * Thijs Kinkhorst <[EMAIL PROTECTED]> [2008-06-04 14:14]: > On Wed, June 4, 2008 13:14, Nico Golde wrote: > > I agree that it is of a low impact but I disagree that this > > is not a security issue, people are using reportbug in /tmp and I don't see > > a reason to assume people are not doing that. > > The chance of succesful exploitation still seems very small, and indeed > even then the problem is limited to just a regular user account. It's good > that Sandro is fixing the bug directly so I'm not going to argue over bug > severity, but I'm marking it as no-dsa for stable.
Ok I thought you were also arguing about the severity in the tracker. No-dsa seems fine to me. Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpDRbC08vWjF.pgp
Description: PGP signature
