tags 340283 - security thanks * Florian Weimer ([EMAIL PROTECTED]) wrote: > severity 340283 grave > thanks > > * Mike Hommey: > > > severity 340283 important > > thanks > > > > Until it is proven that the crash can lead to an exploit, it's not > > critical. > > A crash which can be triggered just by visiting some web site *is* an > exploit. Furthermore, according to the release criteria for etch, > "causes data loss" is an RC bug. > > Note that there might be technical reasons to downgrade this bug, but > the general nature of this bug isn't one.
Mike interpretation is correct. If you take this to the extreme you seem to be, any application that has saveable state and crashes in an isolated circumstance should have a grave bug filed against it. That seems like extreme stance, and will prevent a lot of worthy packages from migrating into testing. This bug sucks, and it will be fixed, and browsers shouldn't crash just by visiting a malformed page. But important is the appropriate severity. -- Eric Dorland <[EMAIL PROTECTED]> ICQ: #61138586, Jabber: [EMAIL PROTECTED] 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ G e h! r- y+ ------END GEEK CODE BLOCK------
signature.asc
Description: Digital signature