Hi Security-team, Bug 402822 was tagged "security" on 14 Dec 2006. I'm not sure whether your team scans the BTS daily for bugs tagged "security". :)
Any suggestions on how to handle this bug? New sarge users won't install the insecure plugin, because installing flashplugin-nonfree 7.0.25-5 cannot download the insecure plugin. So removing flashplugin-nonfree 7.0.25-5 from "stable" won't make anything more secure. Existing sarge users might still be using the insecure plugin. I could create flashplugin-nonfree 7.0.25-6 removing the insecure plugin without installing a new plugin, with a debconf dialog at level "critical" explaining the removal and suggesting backports.org. Your opinion? Regards, Bart Martens
signature.asc
Description: This is a digitally signed message part
