On Mon, September 29, 2014 13:33, Michael Meskes wrote: > @security: Is this enough of a security problem to warrant a stable > upload? > > The fix seems easy enough, just run pinky if $user is still empty.
On its own, I would not consider failure to lock the screen in specific situations a high priority issue because of the other consequences of having physical access to a machine. Normally I would suggest to fix the bug through the regular stable update channel. However, am I correct that this is a regression in the DSA for acpi-support (0.140-5+deb7u3)? If so, we can fix it through stable security since it's a regression introduced in that channel. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
