Package: ganglia Version: 3.3.8-1 Severity: grave Tags: security Control: clone -1 -2 Control: reassign -2 src:ganglia-web 3.5.2-1 X-Debbugs-cc: t...@security.debian.org
Hi again, Given the recent issues in Ganglia's web frontend and a review of some portions of the code we, as in the security team, have decided to limit ganglia's security support to installations behind a trusted HTTP zone. Any vulnerability that is only relevant when exposing ganglia's web frontend to a non-secure zone will therefore be treated as a non-issue by the security team. They could still be fixed via a SPU, however. As such, please add a README.Debian.security file briefly mentioning the limited security support, effective for the version in wheezy and newer. Thanks in advance. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
