Marc Haber <[email protected]> writes: > Will you also check Debian unstable? It is much easier to have a package > in unstable fixed, and I suspect that not every crash you find will be a > security relevant one.
I suspect most of them won't be, actually, or at least will be difficult to exploit. A lot of command-line binaries that are only ever run by a regular user aren't particularly well-hardened against things like corrupt configuration files or weird command-line options, but usually those problems aren't really exploitable except under very artificial situations. Still, it's a robustness bug and I'm very happy to see them reported and fixed. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
