Well, obviously it is not a _security_ bug, since it has nothing to do with security. However, it is a bug, maybe even a critical one. As long as the bug does not compromise the security of the system (enables unauthorised execution of code, access to memory of other process of manipulating the content of the other tabs or something like that) is has nothing to do with security and hence not with this list (debian-security).
well, that's obviously for me, but maybe someone else has a different opion about this issue? regards, Jasper -----Original Message----- From: Florian Weimer [mailto:[EMAIL PROTECTED] Sent: woensdag 23 november 2005 11:15 To: [email protected] Subject: What is a security bug? It seems that I have difficulty understanding what constitutes a security bug in a web browser. Suppose that the web browser always crashes when confronted with certain input, losing all of its state. With tabbed browsing, multiple browser opened by the same process etc., this means that potentially important work is lost. Is this a security bug? Or is this more in the category of "don't do that, then"? I used to laugh at office regulations which recommend closing all applications (including internal web applications) when browsing the Internet, but if software vendors don't consider such crash bugs a priority issue, they do make sense. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
