Noam Rathaus wrote:
Hi,
I wanted to consult the community regarding this issue I have:
I have found a security vulnerability in one of Debian's unstable currently un-maintained package, which appears to not exist in the latest version of the product (if you compile it from the source code provided by the author).
I am not quite sure who I would contact in such a case, as the product appears to be un-maintained by Debian, and no email contact is available for that package.
There are no security advisories for unstable/testting (http://www.debian.org/security/faq#testing)
I think the best you can do is to file a bug (with reportbug) and tag it as a security bug, you should
also probably send e-mail to team-AT-security.debian.org
(2 Q&A's at http://www.debian.org/security/faq#discover).
HTH,
--Amos
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
