On sam, 2009-02-28 at 22:31 -0500, Michael Gilbert wrote: > (although if that's the case, i think that there is a problem > with debian's documentation [1] since it appears to indicate that any > and all security holes are to be reported as grave).
It says “Most security bugs should also be set at critical or grave severity.”. I guess you missed the “most”? Anyway, I'm not really sure of the severity, it's not that easy to exploit, and exploited anyway. I'll summarize that upstream and decide then. Cheers, -- Yves-Alexis
signature.asc
Description: This is a digitally signed message part