* Michael S. Gilbert: > I submitted the recent application launcher issues into the tracker with > medium urgency, and the severity was subsequently reduced to low. I > had followed the categorization guidelines [1], and medium seemed like > a better fit since malicious code execution is possible with user > interaction:
Well, if there were a patch, but without consensus among distributions, there is little we can do, so "low" seems appropriate to me. (Microsoft seems to have the same issue with LNK files, and apparently, it's actively exploited, so if they come up with a good solution, we might use it, too.) -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org