tags 769716 + security
tags 769716 grave
stop

Wow... I've just stumbled over this by accident and this is really
extremely outrageous.

Adding security tag and raising severity to grave, since no one know
what's actually contained in that binary blob, one must basically assume
it's an security breach that tries to install a root-kit.
And access to a normal user is usually equal to access to root on
desktop systems - therefore the severity should actually be critical.


It's really highly disturbing that something like this could slip into
Debian, potentially compromising countless of systems.
And it once more proves the points I've brought up several times on
debian-devel, that we have some severe problems about downloader
packages and software that circumvents the package management system.


Chris.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to