severity: serious
tags: security
package: libpam-runtime
Version: 1.0.1-6
Even with the changes committed for 1.0.1-10, enabling only profiles
like consolekit that provide no authentication option leave the system
accepting any password.
I realize this is messy in the code, but I think we need
On Wed, Jul 29, 2009 at 10:25:38AM -0400, Sam Hartman wrote:
severity: serious
tags: security
package: libpam-runtime
Version: 1.0.1-6
Even with the changes committed for 1.0.1-10, enabling only profiles
like consolekit that provide no authentication option leave the system
accepting any
Honestly I'd rather think about fixing it than argue about bug
severities. I would probably have treated all of these as
grave/critical, but I don't care much.
As far as I can tell, the bug severity doesn't matter much:
1) They are all in testing already
2) We agree they want to be fixed
3) We
3 matches
Mail list logo