On Fri, Mar 03, 2017 at 08:40:37AM +0100, Mattia Rizzolo wrote:
> On Fri, Mar 03, 2017 at 06:43:03AM +0100, Salvatore Bonaccorso wrote:
> > in the above list.
>
> aheam, what a list.
> Anyway, you (Moritz) opened this bug as RC, but is it fine to downgrade
> to important if I deem the issues not grave enough to be RC?
> They are all crashes, with maliciously crafted PDFs…
Which is the most common attack vector on desktop systems...
If there's no upstream (or failing that, maintainer) activity in
fixing these security issues in the forthcoming months towards the
stretch release, stretch is better off without it.
Cheers,
Moritz
