Proposed mass prototypejs bug filing for multiple security issues

2009-10-18 Thread Michael S Gilbert
Hi, The prototypejs script has been found to be vulnerable to a couple security issues [0],[1]. This script is embedded in about 32 other packages and I would like to file bugs against all of those that are affected. Since this would probably be considered a mass filing, I am running it past -dev

Re: Packages that download/install unsecured files

2009-09-18 Thread Michael S Gilbert
On 9/18/09, Patrick Matthäi wrote: > Michael S Gilbert schrieb: >> On Thu, 17 Sep 2009 21:26:38 +0200 Christoph Anton Mitterer wrote: >>> Hi. >>> >>> Some time ago, I've written several bug repo

Re: Packages that download/install unsecured files

2009-09-17 Thread Michael S Gilbert
On Thu, 17 Sep 2009 21:26:38 +0200 Christoph Anton Mitterer wrote: > Hi. > > Some time ago, I've written several bug reports to packages, that download > files from some non-apt-secured sources of the web, and install them. i also started a similar discussion a while back, which was met with mixed

Re: Talk: Reflections of a bigtime Debian bug reporter

2009-09-15 Thread Michael S Gilbert
On Tue, 15 Sep 2009 23:19:12 +0200 Julien Cristau wrote: > On Tue, Sep 15, 2009 at 16:41:50 -0400, Michael Gilbert wrote: > > > the answer to the real problem is education. if a user didn't submit > > sufficient details in their report, politely ask them for more. show > > them a guide for strac

Re: dash pulled on stable when APT::Default-Release is used

2009-07-29 Thread Michael S. Gilbert
On Wed, 29 Jul 2009 19:20:02 +0200, Vincent Danjean wrote: > Michael S. Gilbert wrote: > >> Am Mittwoch, den 29.07.2009, 02:25 +0200 schrieb Vincent Danjean: > >>> Hi, > >>> > >>> Since a few days, on a stable machine (with stable, testing and

Re: dash pulled on stable when APT::Default-Release is used

2009-07-29 Thread Michael S. Gilbert
On Wed, 29 Jul 2009 13:00:13 +0200, Felix Zielcke wrote: > Am Mittwoch, den 29.07.2009, 02:25 +0200 schrieb Vincent Danjean: > > Hi, > > > > Since a few days, on a stable machine (with stable, testing and > > unstable sources for apt but APT::Default-Release set to "stable"), > > "apt-get dist-u

Re: Breaking /emul/ia32-linux for squeeze

2009-03-11 Thread Michael S. Gilbert
On Wed, 11 Mar 2009 21:12:31 +0100, Kurt Roeckx wrote: > On Wed, Mar 11, 2009 at 05:46:31PM +, Clint Adams wrote: > > It may be time to change packages installing files to > > /emul/ia32-linux (which violates the FHS) to use > > /usr/lib32 instead. > > /usr/lib32 isn't exactly FHS either, but

Re: Security Issue of .desktop files

2009-02-24 Thread Michael S. Gilbert
On Tue, 24 Feb 2009 23:44:31 +0100, Yves-Alexis Perez wrote: > > here is > > a .desktop file that looks like it is iceweasel, but really it > > downloads an essentially random file, but I could have made it do > > pretty much anything. > > Yes, tests may need to be narrowed. That should be part of

Re: Security Issue of .desktop files

2009-02-24 Thread Michael S. Gilbert
On Tue, 24 Feb 2009 19:09:42 -0300, Daniel Ruoso wrote: > > > So if a .desktop file appears in the user's Desktop without the x bit > > > set and the user clicks it, it won't get executed.. > > Not exactly. The “safe” .desktop file was in the link I pasted on > > another mail in the thread: > > So

Re: Security Issue of .desktop files

2009-02-24 Thread Michael S. Gilbert
On Tue, 24 Feb 2009 17:32:57 -0300, Daniel Ruoso wrote: > > By who? The Browser? Fix the browser? > > Please take a look at all the discussion in the bug reports, I don't > think we need to repeat all the argumentation here. I think Yves is saying that the launcher issue is (and always was) corre

Post-Lenny discussion on packages with external (potentially non-free) dependencies

2009-02-16 Thread Michael S. Gilbert
Dear All, First of all, congratulations on getting the Lenny release out the door! I understand that it was a lot of work, and you're probably looking forward to at least somewhat of a break. So I don't want to treat this problem with too much urgency (yet), but I would like to get a dialog goin