severity 546884 important thanks Hi Artur, I've downgraded the severity to important and I hope we can reach an agreement before upgrading it again :-) I'll explain what I think to you and then you can tell me if I'm right or wrong.
First of all the severity: based on [0] the severity 'serious' is only reserved for violation of the Debian policy (this does not seem the case, the package is lintian clean) or a decision of the maintainer or the release manager; we can use other severity and as you can see from our bug queue we have only a few important bugs and they are prioritized accordingly. I want to emphasize the fact that the severity *does not* affect the way I will be working the bug, as you can see the other bug is in pending and probably we will change the default write_bcc settings applying the first patch in #467432, I have to discuss this with Christoph first. Backporting this to stable: this bug has been open for a long time, the first was 304718 in 2005 and its severity was never set higher than normal, that meant that the maintainer and the reporter never thought that this could have been a issue so big that we need to backport the fix to unstable; so I'm more than happy to do a new release in unstable and include a patch to resolve this problem once for all but I don't agree with the fact that we should backport this to unstable. The maintaner of mutt is Christoph so the final decision is up to him (I've added him in CC to this bug). Please let me know if you have any questions. Cheers Antonio [0] http://www.debian.org/Bugs/Developer#severities On Wed, Sep 16, 2009 at 09:32:13PM +0200, Artur R. Czechowski wrote: > severity 546884 serious > thanks > > Package: mutt > Version: 1.5.20-2 > Severity: serious > > Hello, > I believe this bug shall be set as serious (and I've just changed it > accordingly). Explanation follows. > > I am using default setup of exim4 4.69-11+b1 with no modification, only > changeѕ are made using dpkg-reconfigure. > > I have default /etc/Muttrc from mutt 1.5.20 and default setting > for sendmail parameter: /usr/sbin/sendmail -oem -oi > > With such settings Bcc field has been revealed to all recipients. > I want to emphasise it: I have default configuration provided by Debian > and the bug appears. > > They say: better safe than sorry. That's why default shall be set > to protect privacy. In case someone need to have unset write_bcc (as > submitter of mentioned 304718) he can set it on his own - taking all risks > into consideration. > > Additionaly, I believe it shall be also fixed in stable release. > > Best regards > Artur > > -- Package-specific info: > Mutt 1.5.20 (2009-06-14) > Copyright (C) 1996-2009 Michael R. Elkins and others. > Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'. > Mutt is free software, and you are welcome to redistribute it > under certain conditions; type `mutt -vv' for details. > > System: Linux 2.6.30-1-amd64 (x86_64) > ncurses: ncurses 5.7.20090803 (compiled with 5.7) > libidn: 1.15 (compiled with 1.15) > hcache backend: GDBM version 1.8.3. 10/15/2002 (built Jul 9 2009 11:48:41) > Compile options: > -DOMAIN > +DEBUG > -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE +USE_FCNTL -USE_FLOCK > > +USE_POP +USE_IMAP +USE_SMTP > -USE_SSL_OPENSSL +USE_SSL_GNUTLS +USE_SASL +USE_GSS +HAVE_GETADDRINFO > +HAVE_REGCOMP -USE_GNU_REGEX > +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET > +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM > +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME > +CRYPT_BACKEND_GPGME > -EXACT_ADDRESS -SUN_ATTACHMENT > +ENABLE_NLS -LOCALES_HACK +COMPRESSED +HAVE_WC_FUNCS > +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR > +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID +USE_HCACHE > -ISPELL > SENDMAIL="/usr/sbin/sendmail" > MAILPATH="/var/mail" > PKGDATADIR="/usr/share/mutt" > SYSCONFDIR="/etc" > EXECSHELL="/bin/sh" > MIXMASTER="mixmaster" > To contact the developers, please mail to <mutt-...@mutt.org>. > To report a bug, please visit http://bugs.mutt.org/. > > patch-1.5.13.cd.ifdef.2 > > -- System Information: > Debian Release: squeeze/sid > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 2.6.30-1-amd64 (SMP w/1 CPU core) > Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/bash > > Versions of packages mutt depends on: > ii libc6 2.9-26 GNU C Library: Shared libraries > ii libcomerr2 1.41.9-1 common error description library > ii libgdbm3 1.8.3-6 GNU dbm database routines > (runtime > ii libgnutls26 2.8.3-2 the GNU TLS library - runtime > libr > ii libgpg-error0 1.6-1 library for common error values > an > ii libgpgme11 1.1.8-2 GPGME - GnuPG Made Easy > ii libgssapi-krb5-2 1.7dfsg~beta3-1 MIT Kerberos runtime libraries - > k > ii libidn11 1.15-1 GNU Libidn library, > implementation > ii libk5crypto3 1.7dfsg~beta3-1 MIT Kerberos runtime libraries - > C > ii libkrb5-3 1.7dfsg~beta3-1 MIT Kerberos runtime libraries > ii libncursesw5 5.7+20090803-2 shared libraries for terminal > hand > ii libsasl2-2 2.1.23.dfsg1-1.1 Cyrus SASL - authentication > abstra > > Versions of packages mutt recommends: > ii exim4 4.69-11 metapackage to ease Exim MTA > (v4) > ii exim4-daemon-light [mai 4.69-11+b1 lightweight Exim MTA (v4) daemon > ii libsasl2-modules 2.1.23.dfsg1-1.1 Cyrus SASL - pluggable > authenticat > ii locales 2.9-26 GNU C Library: National Language > ( > ii mime-support 3.46-1 MIME files 'mime.types' & > 'mailcap > > Versions of packages mutt suggests: > ii aspell 0.60.6-2 GNU Aspell spell-checker > ii ca-certificates 20090814 Common CA certificates > ii gnupg 1.4.10-1 GNU privacy guard - a free PGP > rep > ii ispell 3.1.20.0-6 International Ispell (an > interacti > pn mixmaster <none> (no description available) > ii openssl 0.9.8k-4 Secure Socket Layer (SSL) binary > a > ii urlview 0.9-18 Extracts URLs from text > > Versions of packages mutt is related to: > ii mutt 1.5.20-2 text-based mailreader supporting > M > pn mutt-dbg <none> (no description available) > pn mutt-patched <none> (no description available) > > -- no debconf information > > -- > There are only 10 types of people in the world: > Those who understand binary and those who don't. > /unknown/ > > > -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
