Patrick,
Definitely it's not an earth-shattering vulnerability, but the Ubuntu process for USNs isn't any more difficult to go through than the SRU process (need the debdiff to be tested and commented as tested on the bug report). John On Jan 19, 2011, at 1:31 PM, Patrick Matthäi wrote: > Am 19.01.2011 18:58, schrieb John Dong: >> After talking it over with Kees Cook, I think it's best to handle this >> bug as a security update and go through the Ubuntu Security Team rather >> than SRU. >> > > Hello, > > I already asked the Debian Security Team how I should handle this. In > their opinion it is nothing for a DSA, but it is fixed with our next > point release. > > -- > /* > Mit freundlichem Gruß / With kind regards, > Patrick Matthäi > GNU/Linux Debian Developer > > E-Mail: pmatth...@debian.org > patr...@linux-dev.org > > Comment: > Always if we think we are right, > we were maybe wrong. > */ > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/704674 Title: mumble-server creates world readable config file -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
