Hi folks,
I reported bug #605484 regarding a security hole in lenny. I believe
the security team was CC'd.
Prior to my report,
http://security-tracker.debian.org/tracker/CVE-2010-3872 said that
Debian/stable was not vulnerable. I also notified them to correct this
issue.
My question here is: who's got the ball on security issues? It seems
that this issue didn't trigger any bugs being created or any bugs being
filed in Debian when it came out. When I did what I thought was
appropriate, it also didn't trigger much. The maintainer was interested
in it, but AFAICT there are, as yet, no new packages.
This is not an attack on any person/team, just a question about whether
we have an organizational problem we need to correct.
Thanks,
-- John Goerzen
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
