Herbert Xu wrote: > Joey Hess <[EMAIL PROTECTED]> wrote: > > > > Similarly, I don't think a bug is grave if it makes a package unusable by > > just one person in an odd sitution. On the other hand, I think all security > > and data loss bugs are grave, even if only a few people can trigger them. > > I disagree. If a package causes a remote root exploit to be available, even > if it's only in a very specific configuration, I would say that it is > critical.
No, it's grave. All security bugs are grave, it's part of the definition of that priority. And later in my message, I said: Similarly, I don't think a bug is grave if it makes a package unusable by just one person in an odd sitution. On the other hand, I think all security and data loss bugs are grave, even if only a few people can trigger them. -- see shy jo
